Effective Trust Management Through a Hybrid Logical and Relational Approach
Despite a plethora of recent research regarding trust man agement approaches to authorization, relatively little atten tion has been given to exactly how these technologies can be effectively deployed. In this paper, we investigate one way in which well-established logical trust management systems described in the literature can be deployed within enterprise environments. Specifically, we develop a framework within which logical trust management policies can be managed using a relational DBMS. We describe a correct and com plete procedure for compiling CTM credentials into dynamic views within a database, and show how the resulting system can be used to perform role membership checks or to enu merate the members of a given role. We then propose a hybrid algorithm that leverages the logical ruleset and the underlying DBMS to efficiently enumerate the capabilities ascribed to a given user. We also present an evaluation of a prototype implementation of our framework that demon strates the practicality of our approach. As CTM extends the RT family of trust management languages-which are representative of a large class of Datalog-based trust man agement systems-our work is likely generalizable to other trust management approaches.
Credentials databases policy reputation trust
Adam J. Lee Ting Yu Yann Le Gall
Department of Computer Science,University of Pittsburgh Department of Computer Science, North Carolina State University Department of Computer Science, University of Pittsburgh
国际会议
北京
英文
169-179
2010-04-13(万方平台首次上网日期,不代表论文的发表时间)