A trust model for capability delegation in federated policy systems

Author

Feeney, Kevin ; Brennan, Rob ; Foley, Simon N.

Author_Institution

Knowledge & Data Eng. Group, Trinity Coll. Dublin, Dublin, Ireland

fYear

2010

fDate

25-29 Oct. 2010

Firstpage

226

Lastpage

229

Abstract

Federated policy systems are required to support the complexity and organizational heterogeneity of the modern marketplace. The Community-based Policy Management System (CBPMS) is such a distributed policy management approach. It utilizes a tree-based capability authority model to partition and delegate federated capabilities. However CBPMS delegation chains have limitations such as: performance overheads due to distributed rule evaluation, threats from malformed or malicious federated principals and a lack of flexibility with respect to delegation chain reduction or capability authority re-partitioning. In this paper we introduce a trust management model for CBPMS that addresses all of these issues.. A brief security analysis is presented and a telecommunications service management use case described.

Keywords

knowledge management; capability delegation; community-based policy management system; delegation chain reduction; distributed rule evaluation; federated policy systems; security analysis; telecommunications service management; tree-based capability authority model; trust management model; Authorization; Conferences; Organizations; Public key; Telecommunications; Federation; Management; Security; Services;

fLanguage

English

Publisher

ieee

Conference_Titel

Network and Service Management (CNSM), 2010 International Conference on

Conference_Location

Niagara Falls, ON

Print_ISBN

978-1-4244-8910-7

Electronic_ISBN

978-1-4244-8908-4

Type

conf

DOI

10.1109/CNSM.2010.5691300

Filename

5691300