Research Projects

Last updated on Janurary 16, 2003.

Table of Contents

Trust Management

One main goal of computer security is to ensure that access to resources is restricted to parties with legitimate access permissions. Access control in decentralized, open, and distributed systems is different from access control in the traditional setting of operating systems and database systems. The main difference is that the resource owner and the requester are often unknown to one another. The term trust management was coined in Blaze, Feigenbaum, and Lacy 1996 to describe an approach to distributed access control where decisions are based on policy statements that encode trust and delegation relationships among parties. Policy statements are made by multiple principals. Some statements may be digitally signed to ensure their authenticity and integrity; these are called credentials. Some statements may be stored in local trusted storage and do not need to be signed. A trust-management (TM) language has a syntax for specifying policy statements and queries and a semantic relation for determining whether a query is true for a given set of policy statements.

Automated Trust Negotiation

Trust management uses digital credentials that document attributes of principals. Credentials may contain sensitive information and need protection. Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access-control policies.

Applied Cryptography

Trust-Management Applications

Two demonstration applications were developed under the Agile Management of Dynamic Collaboration project to experiment with policy development and requirement and to demonstrate the RT  framework. They both use the RT0  inference engine I developed.

Other Projects