Managing trust between collaborating companies using outsourced role based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
ConChord: Cooperative SDSI Certificate Storage and Name Resolution
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Risk assessment in distributed authorization
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
User centricity: a taxonomy and open issues
Proceedings of the second ACM workshop on Digital identity management
User centricity: A taxonomy and open issues
Journal of Computer Security - The Second ACM Workshop on Digital Identity Management - DIM 2006
Risk management for distributed authorization
Journal of Computer Security
Design and implementation of access control system for smart office environment
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
A provider-level reputation system for assessing the quality of SPIT mitigation algorithms
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Verifying the incorrectness of programs and automata
SARA'05 Proceedings of the 6th international conference on Abstraction, Reformulation and Approximation
Towards an evaluation methodology for computational trust systems
iTrust'05 Proceedings of the Third international conference on Trust Management
Hi-index | 0.04 |
We identify the "trust management problem" as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, and deferring trust to third parties. Existing systems that support security in networked applications, including X.509 and PGP, address only narrow subsets of the overall trust management problem and often do so in a manner that is appropriate to only one application. We present a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships. We also describe a prototype implementation of a "trust management system," called PolicyMaker, that can facilitate the development of security features in a wide range of network services. This paper was presented at the IEEE Symposium on Security and Privacy, Oakland CA, May 1996.