QTM: QuanTM Framework |
Quantitative Trust Management (QTM) provides a dynamic interpretation of
authorization policies for access control decisions based on upon evolving
reputations of the entities involved. QuanTM, a QTM system, selectively
combines elements from trust management and reputation management
to create a novel method for policy evaluation. Trust management, while
effective in managing access with delegated credentials, needs greater
flexibility in handling situations of partial trust. Reputation management
provides a means to quantify trust, but lacks delegation and policy enforcement.
Our QuanTM architecture consists of three sub-systems: (1) Trust management consists of a trust language evaluator that verifies requests meet policy contraints, and a trust dependency graph (TDG) extractor that constructs a graph representing trust relationships. (2) Reputation management consists of two modules. First, a reputation algorithm to dynamically produce reputation values by combining feedback. These reputation values weight TDG edges. Second, a reputation quantifier computes the trust value for a given request by evaluating the weighted TDG. (3) Decision Management is composed of a decision maker that arrives at an access determination based on a trust value, context, and application specific meta-policy. This project is still in development. The files below summarize our work to date:
|