Trust Management in Open Systems (TMOS)
Abstract
Distributed software subjects face the problem of determining one another's trustworthiness. The problem considered in the Trust Management in Open Systems (TMOS) project is management of the exchange of sensitive credentials between strangers for the purpose of property-based authentication and authorization. We designed a framework in which client and server establish mutual trust by exchanging credentials that are themselves protected resources. Protected resources are governed by role-based access control policies where roles are derived directly from property-based credentials. Within the framework, credentials are disclosed only to entities that meet the governing access control policies. By performing a sequence of credential exchanges, the framework establishes trust incrementally, enabling sensitive credentials to flow as required to meet the trust requirements of a desired transaction. In addition to a trust negotiation framework, we developed the concept of a negotiation strategy. A negotiation strategy controls the exchange of credentials. For instance, it determines how success and failure are detected. It also determines whether the exchange is guided by an exchange of explicit credential requests and, if so, the content of those requests. We formally specified and analyzed three negotiation strategies (the eager strategy, the parsimonious strategy, and the prudent strategy) and investigated hybrids of these strategies.
Document Details
- Document Type
- Technical Report
- Publication Date
- May 01, 2002
- Accession Number
- ADA403753
Entities
People
- Kent Seamons
- Vicki E. Jones
- William H. Winsborough
Organizations
- North Carolina State University