Title :
Decentralized trust management
Author :
Blaze, Matt ; Feigenbaum, Joan ; Lacy, Jack
Author_Institution :
AT&T Bell Labs., Murray Hill, NJ, USA
Abstract :
We identify the trust management problem as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, and deferring trust to third parties. Existing systems that support security in networked applications, including X.509 and PGP, address only narrow subsets of the overall trust management problem and often do so in a manner that is appropriate to only one application. This paper presents a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships. It also describes a prototype implementation of a new trust management system, called PolicyMaker, that will facilitate the development of security features in a wide range of network services
Keywords :
computer network management; cryptography; security of data; PGP; PolicyMaker; X.509; security credentials; security in network services; security policies; trust management; trust management system; Banking; Intrusion detection; Large-scale systems; Lifting equipment; Privacy; Prototypes; Public key; Public key cryptography; Security;
Conference_Titel :
Security and Privacy, 1996. Proceedings., 1996 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-7417-2
DOI :
10.1109/SECPRI.1996.502679
