Requirements for policy languages for trust negotiation
- 25 June 2003
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
In open systems like the Internet, traditional approaches to security based on identity do not provide a solution to the problem of establishing trust between strangers, because strangers do not share the same security domain. A new approach to establishing trust between strangers is trust negotiation, the bilateral exchange of digital credentials describing attributes of the negotiation participants. This approach relies on access control policies that govern access to protected resources by specifying credential combinations that must be submitted to obtain authorization. We describe a model for trust negotiation, focusing on the central role of policies. We delineate requirements for policy languages and runtime systems for trust negotiation, and evaluate four existing policy languages for trust management with respect to those requirements. We conclude with recommendations for extending existing policy languages or developing new policy languages to make them suitable for use in future trust negotiation systems.
This publication has 6 references indexed in Scilit:
- Access control meets public key infrastructure, or: assigning roles to strangers. Published by Institute of Electrical and Electronics Engineers (IEEE), 2002
- Distributed credential chain discovery in trust management. Published by Association for Computing Machinery (ACM), 2001
- On specifying security policies for web documents with an XML-based language. Published by Association for Computing Machinery (ACM), 2001
- Securing XML documents with Author-X. IEEE Internet Computing, 2001
- Interoperable strategies in automated trust negotiation. Published by Association for Computing Machinery (ACM), 2001
- Compliance checking in the PolicyMaker trust management system. Published by Springer Nature, 1998