Trust management (information system)

In information system and information technology , management trust is an abstract system processes That symbolic representations of social trust , usually to aid automated decision-making process. Such representations, eg in a form of cryptographic credentials, can link the abstract system of trust management with results of trust assessment. Trust management is particularly important in providing information security , specifically access controlpolicies.

The concept of trust management has been introduced by Matt Blaze [1] to help the automated verification of actions against security policies. In this concept, actions are allowed if they demonstrate sufficient credentials, irrespective of their actual identity, separating symbolic representation of trust from the actual person.

Trust management can be best illustrated through the everyday experience of tickets. One of the most important things to do is to enter the stadium. The ticket acts as a symbol of trust, stating that the bearer of the ticket has paid for his seat and is entitled to enter. However, once bought, the ticket can be transferred to someone else, thus transferring such trust into a symbolic way. At the gate, only the ticket will be checked, not the identity of a bearer.

Overview

Trust management can be seen as a symbol-based automation of social decisions related to trust, [2] where social agents instruct their technical representations how to act while meeting technical representations of other agents. (Eg see Winslett [3] ) where technical devices negotiate trust by selectively disclosing credential, according to rules defined by social agents that they represent. The definition and perspective on trust management was expanded in 2000 [4] to include concepts of honesty, truthfulness, competence and reliability. Trust levels, the nature of the trust relationship and the context were presented in the paper by Grandison and Sloman.

Web Services Trust Language (WS-Trust) [5] Brings trust management into the environment of web services. The core proposal is the unchanged: the Web Service (verification) is accepted as a request.

It is also possible to carry out technical and financial analyzes. Such systems are collectively called Trust-Based Access Control (TBAC) [6] and their applicability have been studied for several different application areas. [7]

An alternative view on trust management [8], the question of the possibility of a trust in the other.

Trust management is also studied in specific IT-related field such as transportation. [9]

Trust management is an important topic in online social network these days. [10] 344

References

  1. Jump up^ Blaze, M. et al. (2003) “Experience with the KeyNote Trust Management System: Applications and Future Directions.” Proc. Of First Int. Conf. On Trust Management iTrust 2003.Springer-Verlag LNCS 2692, pp. 284-300.
  2. Jump up^ Cofta, P. (2007)Trust, Complexity and Control. Confidence in a Convergent World. J Wiley.
  3. Jump up^ Winslett, M.(2003) An Introduction to Trust Negotiations. In: P. Nixon and S. Terzis (eds.):Trust Management 2003, LNCS 2692, pp. 275-283.
  4. Jump up^ Tyrone Grandison, Morris Sloman. A Survey of Trust in Internet Applications. IEEE Communications Surveys and Tutorials, Fourth Quarter 2000
  5. Jump up^ Anderson, S. et al. (2005)Web Services Trust Language (WS-Trust).
  6. Jump up^ Dimmock, N., Bacon, J., Ingram, D., and Moody. K. (2005) Risk Models for Trust-Based Access Control (TBAC). In: P. Herrmann (ed.):ITrust2005, LNCS 3477, pp. 364-371
  7. Jump up^ Adams, WJ, and Davis IV, NJ (2005) “Towards a Decentralized Trust-Based Access Control System for Dynamic Collaboration.” Proc. Of the 2005 IEEE Workshop on Information Assurance and Security.
  8. Jump up^ Josang, A., Keser, C., and Dimitrakos, T. (2005) “Can We Manage Trust?” In: P. Herrmann et al. (Eds.):ITrust 2005, LNCS 3477, pp. 93-107.
  9. Jump up^ S. Ma, O. Wolfson, J. Lin. (2011) A Survey on Trust Management for Intelligent Transportation System. Proceedings of the 4th International Workshop onComputational Transport Science, IWCTS ’11.
  10. Jump up^ W. Villegas, B. Ali, and M. Maheswaran “An Access Control Scheme for Protecting Personal Data.” Sixth Annual Conference on Privacy, Security and Trust (PST 2008), October 2008, p. 24-35, New Brunswick, Canada.

Leave a Comment

Your email address will not be published. Required fields are marked *