#!/usr/local/bin/php QTM: QuanTM Framework
CIS Home  |   Penn Engineering  |   Penn

QTM: QuanTM Framework

Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based on upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation. Trust management, while effective in managing access with delegated credentials, needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement.

Our QuanTM architecture consists of three sub-systems: (1) Trust management consists of a trust language evaluator that verifies requests meet policy contraints, and a trust dependency graph (TDG) extractor that constructs a graph representing trust relationships. (2) Reputation management consists of two modules. First, a reputation algorithm to dynamically produce reputation values by combining feedback. These reputation values weight TDG edges. Second, a reputation quantifier computes the trust value for a given request by evaluating the weighted TDG. (3) Decision Management is composed of a decision maker that arrives at an access determination based on a trust value, context, and application specific meta-policy.

This project is still in development. The files below summarize our work to date:

  • QuanTM FRAMEWORK PAPER - A paper that appeared at EUROSEC 2009 that describes the QuanTM framework and details a particular instansiation thereof using the KeyNote trust management language and TNA-SL reputation management algorithm.

  • REPUTATION MANAGEMENT SUB-SYSTEM - (Updated 11/28/08) - Developing the reputation database, algorithmn, and quantifier portions of QuanTM, as coded by Andrew West. Example (often trivial) implementations are provided --- of greater interest are the interfaces they utilize.

  • KEYNOTE IMPLEMENTATION - (Updated 11/28/08) - The 'ezPyKeyNote' alpha implementation as coded by Adam Aviv; A Python version of KeyNote implementing a usable set of RFC 2074. KeyNote is a trust management language used in our first attempts to build a QTM system in the QuanTM style.

  • REPUTATION ALGS - An introduction to reputation algorithms. Particular attention should be paid to TNA-SL, whose use seems appropriate in the QuanTM framework.

CIS Home  |   Penn Engineering  |   Penn