From Access Control to Trust Management, and Back – A Petition

  • Dieter Gollmann
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 358)


In security, services are too often understood not from first principles but via the characteristic mechanisms used to deliver them. Access control had become tied up with DAC, MAC, RBAC and reference monitors. With developments in distributed systems security, and with the opening of the Internet for commercial use, new classes of access control mechanisms became relevant that did not fit into the established mould. Trust Management was coined as a term unifying the discussion of those mechanisms. We view trust as a placeholder that had its use in driving this research agenda, but argue that trust is now so overloaded that it is an impediment to further progress. Our petition asks for a return to access control and proposes a new framework for structuring investigations in this area.


Keywords: Access Control; Security Policy; Trust Management; User Identity; Reputation System



Copyright information

© International Federation for Information Processing 2011

Authors and Affiliations

  • Dieter Gollmann, Hamburg University of Technology, Hamburg, Germany
