In today's highly distributed and heterogeneous world of the Internet, sharing resources has become an everyday activity of every Internet user. We buy and sell goods over the Internet, share our holiday pictures using facebook (TM), "tube" our home videos on You Tube (TM), and exchange our interests and thoughts on blogs. We podcast, we are Linkedin (TM) to extend our professional network, we share files over P2P networks, and we seek advice on numerous on-line discussion groups. Although in most cases we want to reach the largest possible group of users, often we realise that some data should remain private or, at least, restricted to a carefully chosen audience. Access control is no longer the domain of computer security experts, but something we experience everyday. In a typical access control scenario, the resource provider has full control over the protected resource. The resource provider decides who can access which resource and what action can be performed on this resource. The set of entities that can access a protected resource can be statically defined and is known a priori to the resource provider. Although still valid in many cases, such a scenario is too restrictive today. The resource owner is not only required, but often wants to reach the widest possible group of users, many of which remain anonymous to the resource provider. A more flexible approach to access control is needed. Trust Management is a recent approach to access control in which the access control decision is based on security credentials. In a credential, the credential issuer states attributes (roles, properties) of the credential subject. For the credentials to have the same meaning across all the users, the credentials are written in a trust management language. A special algorithm, called a compliance checker, is then used to evaluate if the given set of credentials is compliant with the requested action on the requested protected resource. Finally, an important characteristic of trust management is that every entity may issue credentials. In the original approach to trust management, the credentials are stored at a well-known location, so that the compliance checker knows where to search for the credentials. Another approach is to let the users store the credentials. Storing the credentials in a distributed way eliminates the single point of failure introduced by the centralised credential repository, but now the compliance checker must know where to find the credentials. Another difficulty of the distributed approach is that the design of a correct credential discovery algorithm comes at the cost of limiting the expressive power of the trust management language. In this thesis we show that it is possible to build a generic, open-ended trust management system enjoying both a powerful syntax and supporting distributed credential storage. More specifically, we show how to build a trust management system that has: - a formal yet expressive trust management language for specifying credentials, - a compliance checker for determining if a given authorisation request can be granted given the set of credentials, - support for distributed credential storage. We call our trust management system TuLiP (Trust management based on Logic Programming). In the thesis we also indicate how to deploy TuLiP in a distributed content management system (we use pictures as the content in our implementation). Using the same approach, TuLiP can improve existing P2P content sharing services by providing a personalised, scalable, and password-free access control method to the users. By decentralising the architecture, systems like facebook (TM) or You Tube (TM) could also benefit from TuLiP. By providing easy to use and scalable access control method, TuLiP can encourage sharing of private and copyrighted content under a uniform and familiar user interface. Also Internet stores, often deployed as a centralised system, can benefit from using the credential based trust management. Here, TuLiP can facilitate the business models in which the recommended clients and the clients of friendly businesses participate in customised customer rewarding programs (like receiving attractive discounts). By naturally supporting co-operation of autonomous entities using distributed credentials, we believe that TuLiP could make validation of business relationships easier, which, in turn, could stimulate creation of new business models.
|Award date||26 Jun 2009|
|Place of Publication||Enschede|
|Publication status||Published - 26 Jun 2009|
- Logic-Based Access Control
- Trust Management