Trust Management in P2P Systems Using Standard TuLiP

  • Marcin Czenko
  • Jeroen Doumen
  • Sandro Etalle
Part of the IFIP – The International Federation for Information Processing book series (IFIPAICT, volume 263)

In this paper we introduce Standard TuLiP - a new logic based Trust Management system. In Standard TuLiP, security decisions are based on security credentials, which can be issued by different entities and stored at different locations. Standard TuLiP directly supports the distributed credential storage by providing a sound and complete Lookup and Inference AlgoRithm (LIAR). In this paper we focus on (a) the language of Standard TuLiP and (b) on the practical considerations which arise when deploying the system. These include credential encoding, system architecture, system components and their functionality, and also the usability issues.


Trust Management Policy Decision Point Trust Negotiation Security Assertion Markup Language Trust Management System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    K. R. Apt and I. Luitjes. Verification of logic programs with delay declarations. In AMAST, volume 936 of LNCS, pages 66-90. Springer, 1995.Google Scholar
  2. 2.
    E. Bertino, E. Ferrari, and A. C. Squicciarini. Trust-X : A Peer-to-Peer Framework for Trust Establishment. IEEE Trans. Knowl. Data Eng., 16(7):827-842, 2004.CrossRefGoogle Scholar
  3. 3.
    M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The KeyNote Trust-Management System, Version 2. IETF RFC 2704, September 1999.Google Scholar
  4. 4.
    M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proc. 17th IEEE Symposium on Security and Privacy, pages 164-173. IEEE Computer Society Press, May 1996.Google Scholar
  5. 5.
    D. Clarke, J.E. Elien, C. Ellison, M. Fredette, A. Morcos, and R. L. Rivest. Certificate Chain Discovery in SPKI/SDSI. Journal of Computer Security, 9(4):285-322, 2001.Google Scholar
  6. 6.
    M. R. Czenko and S. Etalle. Core TuLiP - Logic Programming for Trust Management. In Proc. 23rd International Conference on Logic Programming, ICLP 2007, Porto, Portugal, volume 4670 of LNCS, pages 380-394, Berlin, 2007. Springer Verlag.Google Scholar
  7. 7.
    Freeband Communication. I-Share: Sharing resources in virtual communities for storage, communications, and processing of multimedia data.URL: Scholar
  8. 8.
    S. L. Jarvenpaa, N. Tractinsky, and M. Vitale. Consumer Trust in an Internet Store. Inf. Tech.and Management, 1(1-2):45-71, 2000.CrossRefGoogle Scholar
  9. 9.
    T. Jim. SD3: A Trust Management System with Certified Evaluation. In Proc. IEEE Sympo-sium on Security and Privacy, pages 106-115. IEEE Computer Society Press, 2001.Google Scholar
  10. 10.
    F. Lee, D. Vogel, and M. Limayem. Adoption of informatics to support virtual communi-ties. In HICSS ’02: Proc. 35th Annual Hawaii International Conference on System Sciences (HICSS’02)-Volume 8, page 214.2. IEEE Computer Society Press, 2002.Google Scholar
  11. 11.
    N. Li, B. Grosof, and J. Feigenbaum. Delegation Logic: A Logic-based Approach to Distributed Authorization. ACM Transactions on Information and System Security (TISSEC), 6(1):128-171, 2003.Google Scholar
  12. 12.
    N. Li, J. Mitchell, and W. Winsborough. Design of a Role-based Trust-management Frame-work. In Proc. IEEE Symposium on Security and Privacy, pages 114-130. IEEE Computer Society Press, 2002.Google Scholar
  13. 13.
    N. Li, W. Winsborough, and J. Mitchell. Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security, 11(1):35-86, 2003.CrossRefGoogle Scholar
  14. 14.
    LIACC/Universidade do Porto and COPPE Sistemas/UFRJ. YAP Prolog, April 2006.Google Scholar
  15. 15.
    W. Nejdl, D. Olmedilla, and M. Winslett. PeerTrust: Automated Trust Negotiation for Peers on the Semantic Web. In Secure Data Management, pages 118-132, 2004.Google Scholar
  16. 16.
    OASIS. Assertions and Protocols for the OASIS: Security Assertion Markup Language (SAML) V2.0, March 2005.Google Scholar
  17. 17.
    OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0 URL:, Feb 2005.Google Scholar
  18. 18.
    OASIS. SAML V2.0 Executive Overview, April 2005.Google Scholar
  19. 19.
    S. Ratnasamy, P. Francis, M. Handley, R. M. Karp, and S. Shenker. A scalable content-addressable network. In SIGCOMM, pages 161-172, 2001.Google Scholar
  20. 20.
    W3C. XML-Signature Syntax and Processing, Feb 2002.Google Scholar
  21. 21.
    W3C. Extensible Markup Language (XML) 1.1 (Second Edition), Sep 2006.Google Scholar
  22. 22.
    W3C. Namespaces in XML 1.0 (Second Edition), Aug 2006.Google Scholar
  23. 23.
    W. H. Winsborough and N. Li. Towards Practical Automated Trust Negotiation. In POLICY, pages 92-103. IEEE Computer Society Press, 2002.Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Marcin Czenko
    • 1
  • Jeroen Doumen
    • 1
  • Sandro Etalle
    • 2
  1. 1.Department of Computer ScienceUniversity of TwenteNetherlands
  2. 2.University of TwenteNetherlands

Personalised recommendations