DIMACS TR: 96-17

Decentralized Trust Management



Authors: Matt Blaze, Joan Feigenbaum, and Jack Lacy

ABSTRACT

We identify the "trust management problem" as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, and deferring trust to third parties. Existing systems that support security in networked applications, including X.509 and PGP, address only narrow subsets of the overall trust management problem and often do so in a manner that is appropriate to only one application. We present a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships. We also describe a prototype implementation of a "trust management system," called PolicyMaker, that can facilitate the development of security features in a wide range of network services.

This paper was presented at the IEEE Symposium on Security and Privacy, Oakland CA, May 1996.

Paper Available at: ftp://dimacs.rutgers.edu/pub/dimacs/TechnicalReports/TechReports/1996/96-17.ps.gz


DIMACS Home Page