Title :
A trust model for capability delegation in federated policy systems
Author :
Feeney, Kevin ; Brennan, Rob ; Foley, Simon N.
Author_Institution :
Knowledge & Data Eng. Group, Trinity Coll. Dublin, Dublin, Ireland
Abstract :
Federated policy systems are required to support the complexity and organizational heterogeneity of the modern marketplace. The Community-based Policy Management System (CBPMS) is such a distributed policy management approach. It utilizes a tree-based capability authority model to partition and delegate federated capabilities. However CBPMS delegation chains have limitations such as: performance overheads due to distributed rule evaluation, threats from malformed or malicious federated principals and a lack of flexibility with respect to delegation chain reduction or capability authority re-partitioning. In this paper we introduce a trust management model for CBPMS that addresses all of these issues.. A brief security analysis is presented and a telecommunications service management use case described.
Keywords :
knowledge management; capability delegation; community-based policy management system; delegation chain reduction; distributed rule evaluation; federated policy systems; security analysis; telecommunications service management; tree-based capability authority model; trust management model; Authorization; Conferences; Organizations; Public key; Telecommunications; Federation; Management; Security; Services;
Conference_Titel :
Network and Service Management (CNSM), 2010 International Conference on
Conference_Location :
Niagara Falls, ON
Print_ISBN :
978-1-4244-8910-7
Electronic_ISBN :
978-1-4244-8908-4
DOI :
10.1109/CNSM.2010.5691300
