Risk management for distributed authorization
Journal of Computer Security
ASITL: adaptive secure interoperation using trust-level
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Hi-index | 0.01 |
Trust management system has been a promising approach to solve the access control problems in distributed systems. Delegation is a core concept in it and needs to be limited with respect to depth. In this paper, some different delegation depth control approaches in current trust management system are discussed. Then RT+0 is introduced, which incorporates the integer delegation depth control into RT0. The RT+0 credential adds to RT0 depth value, which provides a more expressive power. The changed semantics is formally defined by a translation from credential to Datalog rules. The computational complexity analysis is given and it shows that the semantics is also algorithmically tractable.