Affiliation:
1. University of Vermont, Burlington, VT
Abstract
Trust management systems are frameworks for authorization in modern distributed systems, allowing remotely accessible resources to be protected by providers. By allowing providers to specify policy, and access requesters to possess certain access rights, trust management automates the process of determining whether access should be allowed on the basis of policy, rights, and an authorization semantics. In this paper we survey modern state-of-the-art in trust management authorization, focusing on features of policy and rights languages that provide the necessary expressiveness for modern practice. We characterize systems in light of a generic structure that takes into account components of practical implementations. We emphasize systems that have a formal foundation, since security properties of them can be rigorously guaranteed. Underlying formalisms are reviewed to provide necessary background.
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science,Theoretical Computer Science
Cited by
38 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Decentralized Policy Information Points for Multi-Domain Environments;2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom);2021-10
2. A logic of negative trust;Journal of Applied Non-Classical Logics;2020-07-02
3. Logics to Reason Formally About Trust Computation and Manipulation;Lecture Notes in Computer Science;2020
4. Proof-Carrying Network Code;Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security;2019-11-06
5. SEPD: An Access Control Model for Resource Sharing in an IoT Environment;Lecture Notes in Computer Science;2019