Towards Reliable Trust Management Based on Structural Trust Scopes of Distributed Roles

Executive Summary

Role-based trust management uses Distributed Role Hierarchies (DRH) to provide flexible and scalable authorization in multi-domain environments, but DRH are inherently transitive and may easily lead to unexpected or even illegal authorization. In this paper, the authors propose TS-DRH, a generalized extension of DRH based on a novel trust scope model of distributed roles. TS-DRH introduces the notion of scoped roles with four kinds of structural trust scopes. It uses scoped roles to control the member scopes of senior roles and the permission scopes of junior roles, which helps to control the propagation of role memberships and permissions in DRH. The paper also designs rule-based semantics and a compliance checking algorithm to compute authorization decisions for TS-DRH.

  • Format: PDF
  • Size: 183.98 KB