Trust management (information system)

Last updated

In information system and information technology, trust management is an abstract system that processes symbolic representations of social trust, usually to aid automated decision-making process. Such representations, e.g. in a form of cryptographic credentials, can link the abstract system of trust management with results of trust assessment. Trust management is popular in implementing information security, specifically access control policies.

The concept of trust management has been introduced by Matt Blaze [1] [2] to aid the automated verification of actions against security policies. In this concept, actions are allowed if they demonstrate sufficient credentials, irrespective of their actual identity, separating symbolic representation of trust from the actual person.

Trust management can be best illustrated through the everyday experience of tickets. One can buy a ticket that entitles them e.g. to enter the stadium. The ticket acts as a symbol of trust, stating that the bearer of the ticket has paid for their seat and is entitled to enter. However, once bought, the ticket can be transferred to someone else, thus transferring such trust in a symbolic way. At the gate, only the ticket will be checked, not the identity of a bearer.

Overview

Trust management can be seen as a symbol-based automation of social decisions related to trust, [3] where social agents instruct their technical representations how to act while meeting technical representations of other agents. Further automation of this process can lead to automated trust negotiations (e.g. see Winslett [4] ) where technical devices negotiate trust by selectively disclosing credential, according to rules defined by social agents that they represent. The definition and perspective on trust management was expanded in 2000 to include concepts of honesty, truthfulness, competence and reliability, in addition to trust levels, the nature of the trust relationship and the context. [5]

Web Services Trust Language (WS-Trust) [6] brings trust management into the environment of web services. The core proposition remain generally unchanged: the Web Service (verifier) is accepting a request only if the request contains proofs of claims (credentials) that satisfy the policy of a Web Service.

It is also possible to let technical agents monitor each other's behaviour and respond accordingly by increasing or decreasing trust. Such systems are collectively called Trust-Based Access Control (TBAC) [7] and their applicability have been studied for several different application areas. [8]

An alternative view on trust management [9] questions the possibility to technically manage trust, and focuses on supporting the proper assessment of the extent of trust one person has in the other.

Trust management is also studied in specific IT-related field such as transportation. [10]

Trust management is an important topic in online social network these days. [11]

Related Research Articles

<span class="mw-page-title-main">Access control</span> Selective restriction of access to a place or other resource, allowing only authorized users

In physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

In the security engineering subspecialty of computer science, a trusted system is one that is relied upon to a specified extent to enforce a specified security policy. This is equivalent to saying that a trusted system is one whose failure would break a security policy.

In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users, and to implementing mandatory access control (MAC) or discretionary access control (DAC).

Authorization or authorisation is the function of specifying rights/privileges for accessing resources, which is related to general information security and computer security, and to IAM in particular. More formally, "to authorize" is to define an access policy during the configuration of systems and user accounts. For example, user accounts for human resources staff are typically configured with authorization for accessing employee records, and this policy gets formalized as access control rules in a computer system. Authorization must not be confused with access control. During usage, access control enforces the authorization policy by deciding whether access requests to resources from (authenticated) consumers shall be approved (granted) or disapproved (rejected). Resources include individual files or an item's data, computer programs, computer devices and functionality provided by computer applications. Examples of consumers are computer users, computer software and other hardware on the computer.

<span class="mw-page-title-main">Single sign-on</span> Authentication scheme

Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single SSO ID to any of several related, yet independent, software systems.

Identity and access management or Identity management (IdM), is a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources. IAM systems fall under the overarching umbrellas of IT security and data management. Identity and access management systems not only identify, authenticate, and control access for individuals who will be utilizing IT resources but also the hardware and applications employees need to access.

<span class="mw-page-title-main">Multi-agent system</span> Built of multiple interacting agents

A multi-agent system is a computerized system composed of multiple interacting intelligent agents. Multi-agent systems can solve problems that are difficult or impossible for an individual agent or a monolithic system to solve. Intelligence may include methodic, functional, procedural approaches, algorithmic search or reinforcement learning. With advancements in Large language model (LLMs), LLM-based multi-agent systems have emerged as a new area of research, enabling more sophisticated interactions and coordination among agents.

A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.

Policy appliances are technical control and logging mechanisms to enforce or reconcile policy rules and to ensure accountability in information systems. Policy appliances can be used to enforce policy or other systems constraints within and among trusted systems.

<span class="mw-page-title-main">Omron</span> Japanese electronics company

Omron Corporation, styled as OMRON, is a Japanese electronics company based in Kyoto, Japan. Omron was established by Kazuma Tateisi (立石一真) in 1933 and incorporated in 1948.

Database security concerns the use of a broad range of information security controls to protect databases against compromises of their confidentiality, integrity and availability. It involves various types or categories of controls, such as technical, procedural or administrative, and physical.

Network access control (NAC) is an approach to computer security that attempts to unify endpoint security technology, user or system authentication and network security enforcement.

A Sybil attack is a type of attack on a computer network service in which an attacker subverts the service's reputation system by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder. The name was suggested in or before 2002 by Brian Zill at Microsoft Research. The term pseudospoofing had previously been coined by L. Detweiler on the Cypherpunks mailing list and used in the literature on peer-to-peer systems for the same class of attacks prior to 2002, but this term did not gain as much influence as "Sybil attack".

<span class="mw-page-title-main">Intel Active Management Technology</span> Out-of-band management platform

Intel Active Management Technology (AMT) is hardware and firmware for remote out-of-band management of select business computers, running on the Intel Management Engine, a microprocessor subsystem not exposed to the user, intended for monitoring, maintenance, updating, and repairing systems. Out-of-band (OOB) or hardware-based management is different from software-based management and software management agents.

Internet of things (IoT) describes devices with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other communication networks. The Internet of things encompasses electronics, communication, and computer science engineering. "Internet of things" has been considered a misnomer because devices do not need to be connected to the public internet; they only need to be connected to a network and be individually addressable.

Privacy-enhancing technologies (PET) are technologies that embody fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals. PETs allow online users to protect the privacy of their personally identifiable information (PII), which is often provided to and handled by services or applications. PETs use techniques to minimize an information system's possession of personal data without losing functionality. Generally speaking, PETs can be categorized as either hard or soft privacy technologies.

<span class="mw-page-title-main">Trusted Computer System Evaluation Criteria</span>

Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TCSEC was used to evaluate, classify, and select computer systems being considered for the processing, storage, and retrieval of sensitive or classified information.

Concolic testing is a hybrid software verification technique that performs symbolic execution, a classical technique that treats program variables as symbolic variables, along a concrete execution path. Symbolic execution is used in conjunction with an automated theorem prover or constraint solver based on constraint logic programming to generate new concrete inputs with the aim of maximizing code coverage. Its main focus is finding bugs in real-world software, rather than demonstrating program correctness.

Model-driven security (MDS) means applying model-driven approaches to security.

<span class="mw-page-title-main">Self-sovereign identity</span> Type of digital identity

Self-sovereign identity (SSI) is an approach to digital identity that gives individuals control over the information they use to prove who they are to websites, services, and applications across the web. Without SSI, individuals with persistent accounts (identities) across the internet must rely on a number of large identity providers, such as Facebook and Google, that have control of the information associated with their identity. If a user chooses not to use a large identity provider, then they have to create new accounts with each service provider, which fragments their web experiences. Self-sovereign identity offers a way to avoid these two undesirable alternatives. In a self-sovereign identity system, the user accesses services in a streamlined and secure manner, while maintaining control over the information associated with their identity.

References

  1. M. Blaze, J. Feigenbaum and J. Lacy. (1996) "Decentralized Trust Management." IEEE Symposium on Security and Privacy, Oakland, CA.
  2. Blaze, M. et al. (2003) "Experience with the KeyNote Trust Management System: Applications and Future Directions." Proc. of First Int. Conf. on Trust Management iTrust 2003. Springer-Verlag LNCS 2692, pp. 284-300.
  3. Cofta, P. (2007) Trust, Complexity and Control. Confidence in a Convergent World. J Wiley.
  4. Winslett, M. (2003) An Introduction to Trust Negotiations. In: P. Nixon and S. Terzis (eds.): Trust Management 2003, LNCS 2692, pp. 275-283.
  5. Tyrone Grandison, Morris Sloman. A Survey of Trust in Internet Applications. IEEE Communications Surveys and Tutorials, Fourth Quarter 2000
  6. Anderson, S. et al. (2005) Web Services Trust Language (WS-Trust).
  7. Dimmock, N., Bacon, J., Ingram, D., and Moody. K. (2005) Risk Models for Trust-Based Access Control (TBAC). In: P. Herrmann (ed): iTrust2005, LNCS 3477, pp. 364-371
  8. Adams, W. J., and Davis IV, N. J. (2005) "Towards a Decentralized Trust-Based Access Control System for Dynamic Collaboration." Proc. of the 2005 IEEE Workshop on Information Assurance and Security.
  9. Josang, A., Keser, C., and Dimitrakos, T. (2005) "Can We Manage Trust?" In: P. Herrmann et al. (Eds.): iTrust 2005, LNCS 3477, pp. 93-107.
  10. S. Ma, O. Wolfson, J. Lin. (2011) A Survey on Trust Management for Intelligent Transportation System. Proceedings of the 4th International Workshop on computational transportation science, IWCTS '11.
  11. W. Villegas, B. Ali, and M. Maheswaran "An Access Control Scheme for Protecting Personal Data." Sixth Annual Conference on Privacy, Security and Trust (PST 2008), October 2008, pp. 24-35, New Brunswick, Canada.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.