Role-Based Access Control Models
Computer
Choosing reputable servents in a P2P network
Proceedings of the 11th international conference on World Wide Web
A reputation-based approach for choosing reliable resources in peer-to-peer networks
Proceedings of the 9th ACM conference on Computer and communications security
Authorization Based on Evidence and Trust
DaWaK 2000 Proceedings of the 4th International Conference on Data Warehousing and Knowledge Discovery
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A propositional policy algebra for access control
ACM Transactions on Information and System Security (TISSEC)
Distributed credential chain discovery in trust management
Journal of Computer Security
The Eigentrust algorithm for reputation management in P2P networks
WWW '03 Proceedings of the 12th international conference on World Wide Web
A reputation-based trust model for peer-to-peer ecommerce communities [Extended Abstract]
Proceedings of the 4th ACM conference on Electronic commerce
Distributed audit trail analysis
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Requirements for Policy Languages for Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
A survey of trust and reputation systems for online service provision
Decision Support Systems
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A survey of attack and defense techniques for reputation systems
ACM Computing Surveys (CSUR)
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
Social capital, community trust, and E-government services
iTrust'03 Proceedings of the 1st international conference on Trust management
D-FOAF: distributed identity management with access rights delegation
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
Effective trust management through a hybrid logical and relational approach
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Sharing reputation across virtual communities
Journal of Theoretical and Applied Electronic Commerce Research
A flexible architecture for privacy-aware trust management
Journal of Theoretical and Applied Electronic Commerce Research
An adaptive and Socially-Compliant Trust Management System for virtual communities
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Adaptiveness and social-compliance in trust management within virtual communities
Web Intelligence and Agent Systems - Web Intelligence and Communities
Hi-index | 0.00 |
During their everyday decision making, humans consider the interplay between two types of trust: vertical trust and horizontal trust. Vertical trust captures the trust relationships that exist between individuals and institutions, while horizontal trust represents the trust that can be inferred from the observations and opinions of others. Although researchers are actively exploring both vertical and horizontal trust within the context of distributed computing (e.g., credential-based trust and reputation-based trust, respectively), the specification and enforcement of composite trust management policies involving the flexible composition of both types of trust metrics is currently an unexplored area. In this paper, we take the first steps towards developing a comprehensive approach to composite trust management for distributed systems. In particular, we conduct a use case analysis to uncover the functional requirements that must be met by composite trust management policy languages. We then present the design and semantics of CTM: a flexible policy language that allows arbitrary composition of horizontal and vertical trust metrics. After showing that CTM embodies each of the requirements discovered during our use case analysis, we demonstrate that CTM can be used to specify a wide range of interesting composite trust management policies, and comment on several systems challenges that arise during the composite trust management process.