Skip to main content
SpringerLink
Log in

An Introduction to the Role Based Trust Management Framework RT

  • Conference paper
Foundations of Security Analysis and Design IV (FOSAD 2007, FOSAD 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4677))

Abstract

Trust Management (TM) is a novel flexible approach to access control in distributed systems, where the access control decisions are based on the policy statements, called credentials, made by different principals and stored in a distributed manner. In this chapter we present an introduction to TM focusing on the role-based trust-management framework RT. In particular, we focus on RT\(_\textrm{0}\), the simplest representative of the RT family, and we describe in detail its syntax and semantics. We also present the solutions to the problem of credential discovery in distributed environments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdul-Rahman, A., Hailes, S.: Supporting Trust in Virtual Communities. In: Proc. 33rd Hawaii International Conference on System Sciences, vol. 6, p. 6007. IEEE Computer Society Press, Los Alamitos (2000)

    Google Scholar 

  2. ANSI: American National Standard for Information Technology – Role Based Access Control. ANSI INCITS 359-2004 (February 2004)

    Google Scholar 

  3. Appel, A.W., Felten, E.W.: Proof-Carrying Authentication. In: CCS 1999: Proc. 6th ACM Conference on Computer and Communications Security, pp. 52–62. ACM Press, New York (1999)

    Chapter  Google Scholar 

  4. Bauer, L., Schneider, M.A., Felten, E.W.: A General and Flexible Access-Control System for the Web. In: Proc. 11th USENIX Security Symposium, USENIX Association, pp. 93–108 (2002)

    Google Scholar 

  5. Bauer, L.: Access Control for the Web via Proof-Carrying Authorization. PhD thesis, Adviser-Andrew W. Appel. (2003)

    Google Scholar 

  6. Becker, M.Y., Sewell, P.: Cassandra: Distributed Access Control Policies with Tunable Expressiveness. In: Proc. 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), pp. 159–168. IEEE Computer Society Press, Los Alamitos (2004)

    Chapter  Google Scholar 

  7. Becker, M.Y., Sewell, P.: Cassandra: Flexible Trust Management, Applied to Electronic Health Records. In: CSFW, pp. 139–154. IEEE Computer Society Press, Los Alamitos (2004)

    Google Scholar 

  8. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.: The KeyNote Trust-Management System, Version 2. IETF RFC 2704 (1999)

    Google Scholar 

  9. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.: The Role of Trust Management in Distributed Systems Security. In: Vitek, J., Jensen, C. (eds.) Secure Internet Programming. LNCS, vol. 1603, pp. 185–210. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  10. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. 17th IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)

    Google Scholar 

  11. Bonatti, P., Duma, C., Olemdilla, D., Shahmehri, N.: An Integration of Reputation-based and Policy-based Trust Management. In: Proc. Semantic Web and Policy Workshop (2005)

    Google Scholar 

  12. Clarke, D., Elien, J.E., Ellison, C., Fredette, M., Morcos, A., Rivest, R.L.: Certificate Chain Discovery in SPKI/SDSI. Journal of Computer Security 9(4), 285–322 (2001)

    Google Scholar 

  13. Dellarocas, C.: Analyzing the Economic Efficiency of eBay-like Online Reputation Reporting Mechanisms. In: Proc. 3rd ACM conference on Electronic Commerce, pp. 171–179. ACM Press, New York (2001)

    Chapter  Google Scholar 

  14. Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: SPKI Certificate Theory. IETF RFC 2693 (September 1999)

    Google Scholar 

  15. Etalle, S., Winsborough, W.H.: A Posteriori Compliance Control. In: Proc. 12th ACM Symposium on Access Control Models and Technologies, ACM Press, New York (2007)

    Google Scholar 

  16. Gunter, C., Jim, T.: Policy-directed Certificate Retrieval. Software: Practice & Experience 30(15), 1609–1640 (2000)

    Article  MATH  Google Scholar 

  17. Herzberg, A., Mass, Y., Michaeli, J., Ravid, Y., Naor, D.: Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers. In: Proc. IEEE Symposium on Security and Privacy, pp. 2–14. IEEE Computer Society Press, Los Alamitos (2000)

    Google Scholar 

  18. Jarvenpaa, S.L., Tractinsky, N., Vitale, M.: Consumer Trust in an Internet Store. Inf. Tech. and Management 1(1-2), 45–71 (2000)

    Article  Google Scholar 

  19. Jim, T.: SD3: A Trust Management System with Certified Evaluation. In: Proc. IEEE Symposium on Security and Privacy, pp. 106–115. IEEE Computer Society Press, Los Alamitos (2001)

    Google Scholar 

  20. Jøsang, A.: The Right Type of Trust for Distributed Systems. In: NSPW 1996: Proc. Workshop on New Security Paradigms, pp. 119–131. ACM Press, New York (1996)

    Chapter  Google Scholar 

  21. Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The Eigentrust Algorithm for Reputation Management in P2P Networks. In: Proc. 12th International Conference on World Wide Web, pp. 640–651. ACM Press, New York (2003)

    Google Scholar 

  22. Li, N., Feigenbaum, J., Grosof, B.N.: A Logic-based Knowledge Representation for Authorization with Delegation (Extended Abstract). In: Proc. 1999 IEEE Computer Security Foundations Workshop, pp. 162–174. IEEE Computer Society Press, Los Alamitos (1999)

    Google Scholar 

  23. Li, N., Mitchell, J.: RT: A Role-based Trust-management Framework. In: Proc. 3rd DARPA Information Survivability Conference and Exposition (DISCEX III), pp. 201–212. IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  24. Li, N., Mitchell, J., Winsborough, W.: Design of a Role-based Trust-management Framework. In: Proc. IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  25. Li, N., Winsborough, W., Mitchell, J.: Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security 11(1), 35–86 (2003)

    Google Scholar 

  26. Czenko, M., Tran, H., Doumen, J., Etalle, S., Hartel, P., den Hartog, J.: Nonmonotonic Trust Management for P2P Applications. In: Proc. 1st International Workshop on Security and Trust Management, pp. 101–116. Elsevier, Amsterdam (2005)

    Google Scholar 

  27. Mui, L., Mohtashemi, M., Halberstadt, A.: A Computational Model of Trust and Reputation for E-businesses. Hicss 07, 188 (2002)

    Google Scholar 

  28. Resnick, P., Kuwabara, K., Zeckhauser, R., Friedman, E.: Reputation systems. Commun. ACM 43(12), 45–48 (2000)

    Article  Google Scholar 

  29. Rivest, R., Lampson, B.: SDSI – A Simple Distributed Security Infrastructure (October 1996), Available at http://theory.lcs.mit.edu/~rivest/sdsi11.html

  30. Shmatikov, V., Talcott, C.L.: Reputation-based Trust Management. Journal of Computer Security 13(1), 167–190 (2005)

    Google Scholar 

  31. Weeks, S.: Understanding Trust Management Systems. In: Proc. IEEE Symposium on Security and Privacy, pp. 94–105. IEEE Computer Society Press, Los Alamitos (2001)

    Google Scholar 

  32. Winsborough, W.H., Li, N.: Towards Practical Automated Trust Negotiation. In: POLICY, pp. 92–103. IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  33. Xiong, L., Liu, L.: A Reputation-based Trust Model for Peer-to-Peer eCommerce Communities. In: ACM Conference on Electronic Commerce, pp. 228–229. ACM, New York (2003)

    Google Scholar 

  34. Xiong, L., Liu, L.: PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities. IEEE Trans. Knowl. Data Eng. 16(7), 843–857 (2004)

    Article  Google Scholar 

  35. Yahalom, R., Klein, B., Beth, T.: Trust Relationships in Secure Systems – A Distributed Authentication Perspective. In: RSP: IEEE Computer Society Symposium on Research in Security and Privacy, IEEE Computer Society, Los Alamitos (1993)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Twente, The Netherlands

    Marcin Czenko & Sandro Etalle

  2. University of Trento, Italy

    Sandro Etalle

  3. Department of Computer Science, University of Texas, San Antonio, USA

    Dongyi Li & William H. Winsborough

Authors
  1. Marcin Czenko
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sandro Etalle
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dongyi Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. William H. Winsborough
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Alessandro Aldini Roberto Gorrieri

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Czenko, M., Etalle, S., Li, D., Winsborough, W.H. (2007). An Introduction to the Role Based Trust Management Framework RT. In: Aldini, A., Gorrieri, R. (eds) Foundations of Security Analysis and Design IV. FOSAD FOSAD 2007 2006. Lecture Notes in Computer Science, vol 4677. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74810-6_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74810-6_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74809-0

  • Online ISBN: 978-3-540-74810-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation