
Departmental Papers (CIS)
Date of this Version
March 2009
Document Type
Conference Paper
Recommended Citation
Andrew G. West, Adam J. Aviv, Jian Chang, Vinayak S. Prabhu, Matthew A. Blaze, Sampath Kannan, Insup Lee, Jonathan M. Smith, and Oleg Sokolsky, "QuanTM: A Quantitative Trust Management System", Proceedings of the Second European Workshop on System Security (EUROSEC '09) , 28-35. March 2009. http://dx.doi.org/10.1145/1519144.1519149
Abstract
Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based on upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation. Trust management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement.
This paper reports on QuanTM’s design decisions and novel policy evaluation procedure. A representation of quantified trust relationships, the trust dependency graph, and a sample QuanTM application specific to the KeyNote trust management language, are also proposed.
Subject Area
CPS Internet of Things
Publication Source
Proceedings of the Second European Workshop on System Security (EUROSEC '09)
Start Page
28
Last Page
35
DOI
10.1145/1519144.1519149
Copyright/Permission Statement
© ACM 2009. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the Second European Workshop on System Security, http://dx.doi.org/10.1145/1519144.1519149.
Keywords
Quantified Trust Management, Trust Management, Reputation Management, QuanTM, KeyNote, TNA-SL
Date Posted: 12 May 2009
This document has been peer reviewed.
Comments
European Workshop on System Security (EUROSEC 2009), 31 March, 2009, Nuremberg, Germany.