Multi-domain trust management in variable-threat environments: a user-centric model

Authors:
Mike Burmester;Prasanta Das;Martin Edwards;Alec Yasinsac
Affiliations:
Florida State University, Tallahassee, FL;The MITRE Corporation, McLean, VA;The MITRE Corporation, McLean, VA;University of South Alabama, Mobile, AL
Venue:
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Year:
2009

Citing 9
Cited 2

Role-Based Access Control Models

Computer
Protection in operating systems

Communications of the ACM
Certificate chain discovery in SPKI?SDSI

Journal of Computer Security
A General and Flexible Access-Control System for the Web

Proceedings of the 11th USENIX Security Symposium
Distributed credential chain discovery in trust management

Journal of Computer Security
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Experience with the keynote trust management system: applications and future directions

iTrust'03 Proceedings of the 1st international conference on Trust management
Community-centric vanilla-rollback access, or: how i stopped worrying and learned to love my computer

Proceedings of the 13th international conference on Security protocols
Multi-domain trust management in variable-threat environments: a user-centric model

MILCOM'09 Proceedings of the 28th IEEE conference on Military communications

Multi-domain trust management in variable-threat environments: a user-centric model

MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Markov anomaly modeling for trust management in variable threat environments

Proceedings of the 48th Annual Southeast Regional Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

Trust Management (TM) systems are trust infrastructures that support authorization for security-critical actions in decentralized environments. In this paper we present a user-centric view to address trust management as it impacts the unanticipated user and/or user behavior for multidomain applications. This protection can be tuned to deal with users who may be responsible for an elevated threat level, and builds upon a resource-centric architecture. Our model is suitable for variable-threat environments and allows for temporary adjustments of trust levels. The expectation is to enable a Trust Management Agent to determine appropriateness of the unanticipated user or behavior, and reverse restrictions without compromising actions that took place during such periods --we term this, rollback-access. We argue that a rollback-access capability is an essential feature for security-critical applications, and is appropriate for today's military and intelligence community coalitions as they execute their particular missions in the Global War on Terrorism.