Fine Grained Access Control with Trust and Reputation Management for Globus

Colombo, Maurizio; Martinelli, Fabio; Mori, Paolo; Petrocchi, Marinella; Vaccarelli, Anna

doi:10.1007/978-3-540-76843-2_26

Cited by 17 publications

(12 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…trust) as an attribute for access control, see e. g. [4,5,10,15,16]. This approach is problematic for two reasons.…”

Section: Reputation As An Attack Vectormentioning

confidence: 99%

From Access Control to Trust Management, and Back – A Petition

Gollmann

2011

Trust Management V

View full text Add to dashboard Cite

Abstract. In security too often services are understood not from first principles but via characteristic mechanisms used for their delivery. Access control had got tied up with DAC, MAC, RBAC and reference monitors. With developments in distributed systems security and with the opening of the Internet for commercial use new classes of access control mechanisms became relevant that did not fit into the established mold. Trust Management was coined as a term unifying the discussion of those mechanisms. We view trust as a placeholder that had its use in driving this research agenda, but argue that trust is so overloaded that it is now an impediment for further progress. Our petition asks for a return to access control and proposes a new framework for structuring investigations in this area. Denn eben wo

show abstract

“…trust) as an attribute for access control, see e. g. [4,5,10,15,16]. This approach is problematic for two reasons.…”

Section: Reputation As An Attack Vectormentioning

confidence: 99%

From Access Control to Trust Management, and Back – A Petition

Gollmann

2011

Trust Management V

View full text Add to dashboard Cite

show abstract

“…In particular, their proposal deals with the integration of access control policies and access rights management in a Grid architecture. Along this line of research, Colombo et al [4] present an integrated architecture, extending the previous one, with an inference engine that manages reputation and trust credentials. This framework is also extended in [12] a mechanism for trust negotiating credential is introduced to overcome scalability problems.…”

Section: Related Workmentioning

confidence: 99%

“…However, at the best of our knowledge, few works deal with the full integration of trust management and policy enforcement for mobile code. Nevertheless, some work about policy enforcement environment extended with trust management module exists, e.g., see [4], [11].…”

Section: Introductionmentioning

confidence: 99%

Trust-Driven Policy Enforcement through Gate Automata

Costa

Matteucci

2011

2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing

View full text Add to dashboard Cite

Abstract-In this paper we introduce the notion of gate automata for describing security policies. This new kind of automata aim at defining a model for the specification of both security and trust policies.The main novelty of our proposal is a unified framework for the integration of security enforcement and trust monitoring. Indeed, gate automata watch the execution of a target program, possibly modifying its behaviour, and produce a feedback for the trust management system. The level of trust changes the environment settings by dynamically activating/deactivating some of the defined gate automata.

show abstract

“…In this case, the RTML framework was integrated with the Globus Toolkit authorization system, and the right of a Grid user to exploit a Grid service was determined taking into account the trust relationships with other Grid service providers he had collected in the past, that were represented through RTML credentials. In [20], instead, the RTML framework was extended to support also reputation management, and it was exploited in the Grid environment as well.…”

Section: Related Workmentioning

confidence: 99%