Aggregating Trust Using Triangular Norms in the KeyNote Trust Management System

  • Simon N. Foley
  • Wayne Mac Adams
  • Barry O’Sullivan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6710)


A Trust Management model that provides a measure of the degree to which a principal is trusted for some action is proposed. At the heart of the model is the notion that triangular norms and conorms provide a natural and consistent interpretation for trust aggregation across delegation chains. It is argued that specifying how trust is aggregated is as important as specifying a degree of trust value in an attribute certificate and, therefore, in stating the degree to which a principal trusts another, the principal should also state how that trust may aggregate across delegation chains. The model is illustrated and has been implemented using a modified, but backwards-compatible, version of the KeyNote Trust Management system.


Delegation Statement Trust Management Aggregation Operator Computing Trust Query Engine 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Becker, M., Fournet, C., Gordon, A.: Design and semantics of a decentralized authorization language. In: 20th IEEE Computer Security Foundations Symposium (January 2007)Google Scholar
  2. 2.
    Bistarelli, S., Martinelli, F., Santini, F.: A semantic foundation for trust management languages with weights: An application to the RT family. In: Rong, C., Jaatun, M.G., Sandnes, F.E., Yang, L.T., Ma, J. (eds.) ATC 2008. LNCS, vol. 5060, pp. 481–495. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  3. 3.
    Bistarelli, S., Santini, F.: Propagating multitrust within trust networks. In: SAC 2008: Proceedings of the 2008 ACM symposium on Applied computing, pp. 1990–1994. ACM, New York (2008)CrossRefGoogle Scholar
  4. 4.
    Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The Keynote trust-management system, version 2, IETF RFC2704 (September 1999)Google Scholar
  5. 5.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 164–173. IEEE Computer Society Press, Oakland (1996)Google Scholar
  6. 6.
    Buchanan, B., Shortliffe, E.: Ruled Based Expert Systems, The MYCIN Experiment of the Stanford Heuristic Programming Project. Addison-Wesley, Reading (1984)Google Scholar
  7. 7.
    Colbourn, C.: The Combinatorics of Network Reliability. Oxford University Press, Oxford (1987)Google Scholar
  8. 8.
    Dubois, D., Prade, H.: A review of fuzzy sets aggregation connectives. Information Sciences 36, 85–121 (1985)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Ellison, C., Frantz, B., Lampson, B., Rivest, R.L., Thomas, B., Ylonen, T.: SPKI certificate theory, IETF RFC2693 (September 1999)Google Scholar
  10. 10.
    Fagin, R.: Fuzzy queries in multimedia database systems. In: PODS 1998: Proceedings of the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems, pp. 1–10. ACM, New York (1998)Google Scholar
  11. 11.
    Foley, S.N.: Security risk management using internal controls. In: WISG 2009: Proceedings of the first ACM workshop on Information security governance, pp. 59–64. ACM, New York (2009)CrossRefGoogle Scholar
  12. 12.
    Foley, S.N.: Using trust management to support transferable hash-based micropayments. In: Proceedings of the 7th International Financial Cryptography Conference, FWI, Gosier (January 2003)Google Scholar
  13. 13.
    Foley, S.N., Rooney, V.: Qualitative analysis for trust management: Towards a model of photograph sharing indiscretion. In: Seventeenth International Security Protocols Workshop. LNCS. Springer, Heidelberg (April 2009) (post-proceedings forthcoming)Google Scholar
  14. 14.
    Gilbert, E., Karahalios, K.: Predicting tie strength with social media. In: Proceedings of the 27th international conference computer-human interaction (January 2009)Google Scholar
  15. 15.
    Haenni, R., Jonczy, J.: A new approach to PGP’s web of trust. In: EEMA 2007: European e-Identity Conference, Paris, France (2007)Google Scholar
  16. 16.
    Jøsang, A., Bhuiyan, T.: Optimal trust network analysis with subjective logic. In: Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE), pp. 179–184 (2008)Google Scholar
  17. 17.
    Jøsang, A., Hayward, R., Pope, S.: Trust network analysis with subjective logic. In: ACSC: Proceedings of the 29th Australasian Computer Science Conference, pp. 85–94 (2006)Google Scholar
  18. 18.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)CrossRefGoogle Scholar
  19. 19.
    Klement, E.P., Mesiar, R., Pap, E.: On the relationship of associative compensatory operators to triangular norms and conorms. International Journal of Uncertainty, Fuzziness and Knowledge based Systems 4(2) (1996)Google Scholar
  20. 20.
    Li, J., Li, N., Winsborough, W.: Automated trust negotiation using cryptographic credentials. In: Proceedings of the 12th ACM conference on Computer and Communications Security (January 2005)Google Scholar
  21. 21.
    Mackworth, A.: Constraint satisfaction. In: Shapiro, S. (ed.) Encyclopedia of AI, 2nd edn, pp. 285–293. John Wiley & Sons, Chichester (1992)Google Scholar
  22. 22.
    Mahoney, G., Myrvold, W., Shoja, G.: Generic reliability trust model. In: Proceedings of the 3rd Annual Conference on Privacy, Security and Trust (PST), 3rd edn, vol. 5 (2005)Google Scholar
  23. 23.
    Montanari, U.: Networks of constraints: Fundamental properties and applications to picture processing. Information Science 7, 95–132 (1974)MathSciNetCrossRefzbMATHGoogle Scholar
  24. 24.
    Reiter, M., Stubblebine, S.: Authentication metric analysis and design. ACM Trans. Inf. Syst. Secur. 2(2), 138–158 (1999)CrossRefGoogle Scholar
  25. 25.
    Riegelsberger, J., Sasse, M., McCarthy, J.: The mechanics of trust: A framework for research and design. Int. J. Hum.-Comput. Stud. 62(3), 381–422 (2005)CrossRefGoogle Scholar
  26. 26.
    Schweizer, B., Sklar, A.: Probabilistic metric spaces. North Holland, New York (1983)zbMATHGoogle Scholar
  27. 27.
    Team Choco: choco: an open source java constraint programming library. In: Third International CSP Solver Competition, Website, (2008)
  28. 28.
    Zimmermann, H.J., Zysno, P.: Latent connectives in human decision making. Fuzzy Sets and Systems 4, 37–51 (1980)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Simon N. Foley
    • 1
  • Wayne Mac Adams
    • 1
  • Barry O’Sullivan
    • 1
  1. 1.Cork Constraint Computation Centre, Department of Computer ScienceUniversity College CorkIreland

Personalised recommendations