Rule languages for security and privacy in cooperative systems

The open nature of modern network applications is potentially an excellent support to cooperative work of all sorts, and at the same time a major source of security and privacy concerns. It is now commonly recognized that traditional authentication techniques do not scale to the new open scenarios, and are not suitable for the dynamic nature of virtual organizations. Research is focussing on more flexible trust management models that let two or more peers interact securely even if they have never interacted with each other before and have no previous knowledge about each other´s properties and protection requirements. This situation occurs whenever a new virtual organization is created or extended. Trust management is based on electronic credentials, that constitute a flexible way of representing properties of individuals, groups and organizations. In principle, any entity can issue its own credentials, thereby signing some statements about some entities. Other peers may decide whether that entity can be trusted on those statements, in the framework of a specific task. Credentials are verifiable and un-forgeable, so it can be robustly checked whether a given statement has been actually signed (hence issued) by a specific peer.