微信服务号

微信订阅号

2025-4-9- 18
Home > Archive>Volume 20, Issue 8, 2009 >2298-2306
PDF HTML XML Export Cite reminder
Behavior-Driven Role-Based Trust Management
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [14]
    • |
  • Related [20]
    • |
  • Cited by [2]
    • | |
  • Comments
    Abstract:

    RTB, the language describing behavior-driven trust management, is given. Variables are introduced into roles to maintain the cumulate behavior status of the users. Behavior-Driven credentials modify users’ assigned local roles in a trust domain according to the behaviors enforced by the users. Combined credentials improve the efficiency of trust determination. Trust policy update credentials allow trust domains to update trust policies automatically when the system statuses are changed. Implementation framework of behavior-driven trust management is described. Several optimization mechanisms of realization are discussed.

    Reference
    [1] Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R. Proposed NIST standard for role-based access control. ACM Trans. on Information and System Security, 2001,4(3):224?274.
    [2] Li NH, Mitchell JC, Winsborough WH. Design of a role-based trust management framework. In: Heather H, ed. Proc. of the IEEE Symp. on Security and Privacy. Washington: IEEE Computer Society Press, 2002. 114?130.
    [3] Blaze M, Feigenbaum J, Ioannidis J, Keromytis A. The KeyNote trust-management system version 2. IETF RFC 2704, 1999. http://www.apps.ietf.org/rfc/rfc2704.html
    [4] Gorla D, Hennessy M, Sassone V. Inferring dynamic credentials for role-based trust management. In: Bossi A, Maher MJ, eds. Proc. of the 8th ACM SIGPLAN Symp. on Principles and Practice of Declarative Programming. New York: ACM Press, 2006. 213?224.
    [5] Blaze M, Feigenbaum J, Lacy J. Decentralized trust management. In: Proc. of the 17th Symp. on Security and Privacy. Oakland: IEEE Computer Society Press, 1996. 164?173.
    [6] Lin A, Vullings E, Dalziel J. A trust-based access control model for virtual organizations. In: Proc. of the 5th Int’l Conf. on Grid and Cooperative Computing Workshops. IEEE Computer Society Press, 2006. 557?564.
    [7] Denker G, Millen J, Miyake Y. Cross-Domain access control via PKI. In: Michael JB, ed. Proc. of the 3rd Int’l Workshop on Policies for Distributed Systems and Networks (POLICY 2002). Washington: IEEE Press, 2002. 202?205.
    [8] Tran H, Hitchens M, Varadharajan V, Watters P. A trust based access control framework for P2P file-sharing systems. In: Sprague RH, ed. Proc. of the 38th Annual Hawaii Int’l Conf. on System Science. Washington: IEEE Computer Society Press, 2005.
    [9] Adams WJ, Davis NJ. IV, TMS: A trust management system for access control in dynamic collaborative environments. In: Proc. of the 25th IEEE Int’l Performance Computing and Communication Conf. Washington: IEEE Computer Society Press, 2006. 143?150.
    [10] Chakraborty S, Ray I. TrustBAC-Integrating trust relationships into the RBAC model for access control in open systems. In: Proc. of the 11th ACM Symp. on Access Control Models and Technologies. New York: ACM Press, 2006. 49?58.
    [11] Bhatti R, Bertino E, Ghafoor A. A trust-based context-aware access control model for Web-services. In: Zhang LJ, ed. Proc. of the IEEE Int’l Conf. on Web Services (ICWS 2004). Washington: IEEE Computer Society Press, 2004. 184?191.
    [12] Hong F, Zhu X, Wang SB. Delegation depth control in trust-management system. In: Proc. of the 19th Int’l Conf. on Advanced Information Networking and Applications (AINA 2005). Washington: IEEE Computer Society, 2005. 411?414.
    [13] Zhai ZD, Feng DG, Xu Z. Fine-Grained controllable delegation authorization model based on trustworthiness. Journal of Software, 2007,18(8):2002?2015 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/18/2002.htm 附中文参考文献:
    [13] 翟征德,冯登国,徐震.细粒度的基于信任度的可控委托授权模型.软件学报,2007,18(8):2002?2015. http://www.jos.org.cn/ 1000-9825/18/2002.htm
    Comments
    Comments
    分享到微博
    Submit
Get Citation

李斓,范磊,回红.行为驱动的基于角色的信任管理.软件学报,2009,20(8):2298-2306

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:October 17,2007
  • Revised:February 21,2008
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2034160Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063