Abstract:server.We describe our implementation, which can be used as an extension of a web server or as a separate server with interface to applications.
“…Existing trust models can be categorized into two distinct families: Hard Trust Models where trust is established using credentials and trust policies (e.g. [6] and [17]) and Soft Trust Models where trust is built upon pairs experiences, recommendations and reputation (e.g. [11] [25] [14] and [18].…”
Section: Discussion and Concluding Remarksmentioning
Abstract.Virtual Communities are open socio-technical structures wherein autonomous entities (i.e. agents) with common interests join together to mutually satisfy their goals. The success of these communities relies on collaboration and resource sharing principals, making trust a priority for each member. Such communities need a more flexible trust model wherein both individual (i.e. usercentred) and collective (i.e. community-centred) trust requirements are considered in the decision making-process. This paper reports our on-going efforts in that perspective and presents a multiagent-based Adaptive and Socially-Compliant Trust Management System (ASC-TMS). Policies are used, in the system, to specify individual and collective trust requirements, while meta-policies enable agents to dynamically adapt their policies. The ASC-TMS allows agent to make socially-compliant trust decisions through automatic combination of individual and collective policies.
“…Existing trust models can be categorized into two distinct families: Hard Trust Models where trust is established using credentials and trust policies (e.g. [6] and [17]) and Soft Trust Models where trust is built upon pairs experiences, recommendations and reputation (e.g. [11] [25] [14] and [18].…”
Section: Discussion and Concluding Remarksmentioning
Abstract.Virtual Communities are open socio-technical structures wherein autonomous entities (i.e. agents) with common interests join together to mutually satisfy their goals. The success of these communities relies on collaboration and resource sharing principals, making trust a priority for each member. Such communities need a more flexible trust model wherein both individual (i.e. usercentred) and collective (i.e. community-centred) trust requirements are considered in the decision making-process. This paper reports our on-going efforts in that perspective and presents a multiagent-based Adaptive and Socially-Compliant Trust Management System (ASC-TMS). Policies are used, in the system, to specify individual and collective trust requirements, while meta-policies enable agents to dynamically adapt their policies. The ASC-TMS allows agent to make socially-compliant trust decisions through automatic combination of individual and collective policies.
“…Since the number of roles is typically much smaller than the number of users, role-based access control systems reduce the number of access control decisions. A thorough description of role-based access control can be found in (Herzberg et al, 2000). In a role-based access control system the authorization process is split into two steps, namely assignment of one or more roles and check whether a member of the assigned role(s) is allowed to perform the requested action.…”
Section: From Uid/psw-based Authentication To Trust Negotiationmentioning
confidence: 99%
“…), KAoS , PeerTrust (Gavriloaie et al, 2004), Ponder (Damianou et al, 2001), Protune (Bonatti et al, 2006; ? ), PSPL (Bonatti and Samarati, ), Rei (Kagal et al, 2003), RT (Li and Mitchell, ), TPL (Herzberg et al, 2000), WSPL (Anderson, 2004) and XACML (Lorch et al, ; ?). The information we will provide about the aforementioned languages is based on the referenced documents.…”
Section: Presentation Of the Considered Policy Languagesmentioning
Abstract:Policies are a well-known approach to protecting security and privacy of users as well as for flexible trust management in distributed environments. In the last years a number of policy languages were proposed to address different application scenarios. In order to help both developers and users in choosing the language best suiting her needs, policy language comparisons were proposed in the literature. Nevertheless available comparisons address only a small number of languages, are either out-of-date or too narrow in order to provide a broader picture of the research field. In this paper we consider twelve relevant policy languages and compare them on the strength of ten criteria which should be taken into account in designing every policy language. Some criteria are already known in the literature, others are introduced in our work for the first time.By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about strong points and weaknesses of each policy language.
“…We will illustrate this portion of the space by evaluating Delegation Logic (DL) [17], the Role-based Trust-management (RT) framework [16], [18], [19], SD3 [20], and Trust Policy Language (TPL) [21].…”
Abstract-When users' mental models don't match the way the underlying systems work, problems can arise. For human-based security systems to be effective, we believe that is important to identify the tasks involved at which humans excel (and at which computers do not), and then design the system accordingly. To demonstrate this principle, we are building Attribute-Based, Usefully Secure Email (ABUSE), a system that leverages users by enabling them to build a decentralized, non-hierarchical PKI to express their trust relationships with each other, and then to use this PKI to manage their trust in people with whom they correspond via secure email. Our design puts humans into the system-to do things that humans are good at but machines are not-at both the creation of credentials as well as the interpretation of credentials. In this paper, we discuss why secure email is an interesting proving ground for our design ideas, set out the architecture of the system, and relate our early experiences in testing our user interface on real humans.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.