Dynamic distributed trust model to control access to resources over the Internet

Traditional security tools and infrastructures have proven to be inadequate, inflexible, and difficult to apply in the incredibly large Internet of today. Existing security systems deal mainly with authentication and access control and are not suitable for the increasingly demanding trust requirements in today´s network-based applications. In this paper, a general-purpose, application-independent dynamic distributed trust model (DDTM) that is suitable for access control in the Internet applications is proposed. The core of this model is the recommendation trust model organized as a trust delegation tree and authorization delegation realized by a delegation certificate. DDTM provides a distributed key-oriented certificate issuing mechanism with no centralized global authority. The service authorities can create their own trust policy and control access to the services owned by them. In this paper, we first point out the insufficiency of the existing access control mechanisms and review several method for expressing trust. We then propose the dynamic distributed trust model that works over the Internet. Finally, we focus on the detail operations of trust delegation tree.