A Trust Model for Capability Delegation in Federated Policy Systems.
Citation:
Kevin Feeney, Simon N. Foley, Rob Brennan:, A Trust Model for Capability Delegation in Federated Policy Systems., Sixth International Conference on Risks and Security of Internet and Systems, Timișoara, Romania, Sept 26-28, 2011, 2011, 47 - 54Download Item:
Abstract:
Federated policy systems are required to support the emergent complexity and organizational heterogeneity of modern Internet service delivery. This paper presents a distributed policy management approach which utilizes a flexible, tree-based capability authority model to partition and delegate federated capabilities or services. A trust management model and a delegation logic is defined which supports secure decentralized policy reasoning and addresses performance overheads due to distributed rule evaluation, threats from malformed or malicious federated principals and allows flexibility with respect to delegation chain reduction or capability authority re-partitioning. The system is evaluated through a security analysis and a prototype implementation of a federated policy engineering framework based on this logic is described. This framework is based on public key certificates and an extension to the Keynote Trust Management language. It provides practical management services such as key discovery and certificate revocation in addition to the core capability delegation function.
Sponsor
Grant Number
Science Foundation Ireland (SFI)
08/SRC/I1403
Author's Homepage:
http://people.tcd.ie/feeneyk1http://people.tcd.ie/rbrenna
Description:
PUBLISHEDTimișoara, Romania
Author: FEENEY, KEVIN; BRENNAN, ROB
Other Titles:
Sixth International Conference on Risks and Security of Internet and SystemsType of material:
Conference PaperCollections
Availability:
Full text availableSubject (TCD):
Smart & Sustainable PlanetDOI:
http://dx.doi.org/10.1109/CRiSIS.2011.6061828Metadata
Show full item recordLicences: