2003
DOI: 10.1007/3-540-44875-6_21
|View full text |Cite
|
Sign up to set email alerts
|

Experience with the KeyNote Trust Management System: Applications and Future Directions

Abstract: Abstract. Access control in distributed systems has been an area of intense research in recent years. One promising approach has been that of trust management, whereby authentication and authorization decisions are combined in a unified framework for evaluating security policies and credentials. In this paper, we report on our experience of the past seven years using the PolicyMaker and the KeyNote trust management systems in a variety of projects. We start with a brief overview of trust management in general,… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
42
0

Year Published

2004
2004
2016
2016

Publication Types

Select...
5
4

Relationship

2
7

Authors

Journals

citations
Cited by 54 publications
(42 citation statements)
references
References 26 publications
0
42
0
Order By: Relevance
“…Among the several non-logical approaches that have been proposed for the problems of privacy preservation and data access control, we distinguish trust management systems, such as PolicyMaker [124], KeyNote [125], REFEREE [126] and SPKI/SDSI [127], which focus on aspects of trust, such as access control and authorization; and the Personal Data Stream (PDS) framework proposed in [128]. PDS is designed to give users new data management tools, based on three foundational design principles: privacy of participants, data legibility, and engagement of participants throughout the data life cycle.…”
Section: General-purpose Solutionsmentioning
confidence: 99%
“…Among the several non-logical approaches that have been proposed for the problems of privacy preservation and data access control, we distinguish trust management systems, such as PolicyMaker [124], KeyNote [125], REFEREE [126] and SPKI/SDSI [127], which focus on aspects of trust, such as access control and authorization; and the Personal Data Stream (PDS) framework proposed in [128]. PDS is designed to give users new data management tools, based on three foundational design principles: privacy of participants, data legibility, and engagement of participants throughout the data life cycle.…”
Section: General-purpose Solutionsmentioning
confidence: 99%
“…The policy and credential language with which we will conduct our work will be based on KeyNote, 6 with extensions we will add to support dynamic policies. In particular, we will introduce new constructs to the language that support an active trigger mechanism for policies and tested conditions.…”
Section: Trust Policy Languagementioning
confidence: 99%
“…6 Our starting point is the PolicyMaker 1,2 evaluation model; our concept of cross-layer communication stems from thesis work on the Strongman system. 9 We are investigating integration of intrusion detection and other security-event generators with access-control mechanisms and other appropriate response and recovery mechanisms, such as slowdowns in response to attack.…”
Section: Cooperative Policy Evaluation With Feedbackmentioning
confidence: 99%
“…Technically, citizen identification systems are quite straightforward as they all follow the concept of trust management systems (Blaze et al 2003) that they share with e.g. access cards or credit cards.…”
Section: Citizen Identification Systemmentioning
confidence: 99%