Fidelis: a policy-driven trust management framework

Authors:
Walt Teh-Ming Yao
Affiliations:
Computer Laboratory, University of Cambridge, Cambridge
Venue:
iTrust'03 Proceedings of the 1st international conference on Trust management
Year:
2003

Citing 8
Cited 6

Efficient fault-tolerant certificate revocation

Proceedings of the 7th ACM conference on Computer and communications security
HYDRA: the kernel of a multiprocessor operating system

Communications of the ACM
A model of OASIS role-based access control and its support for active security

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security

ACM Transactions on Information and System Security (TISSEC)
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Decentralized Trust Management

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Certificate revocation and certificate update

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7

Using trust and risk in role-based access control policies

Proceedings of the ninth ACM symposium on Access control models and technologies
A fine-grained, controllable, user-to-user delegation method in RBAC

Proceedings of the tenth ACM symposium on Access control models and technologies
A survey of autonomic communications

ACM Transactions on Autonomous and Adaptive Systems (TAAS)
DW-RBAC: A formal security model of delegation and revocation in workflow systems

Information Systems
Dynamic access control research for inter-operation in multi-domain environment based on risk

WISA'07 Proceedings of the 8th international conference on Information security applications
Security analysis and validation for access control in multi-domain environment based on risk

ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience

Quantified Score

Hi-index	0.00

Visualization

Abstract

We describe Fidelis, a policy-driven trust management framework, designed for highly decentralized distributed applications, with many interoperating, collaborative but potentially distrusting principals. To address the trust management needs for such applications, Fidelis is designed to support the principle of separation of policies and credentials, and the notion of full domain autonomy. Based on these, credentials are considered simply as static data structures, much like membership cards in real life. Policies, which are autonomously specified, administered and managed, interpret and provide the semantics for these credentials. In this paper, we describe the Fidelis policy framework which serves as the abstract, conceptual foundation. We also describe a specific implementation of the policy framework, in the form of the Fidelis policy language. Both the syntax and the semantics of the language are described. A discussion is given to show that the Fidelis approach is attractive for many applications.