Trust Based Access Control in Infrastructure-Centric Environment
Existing access control models are defective in dynamic authorization based on the trustworthiness of users and do not take full advantages of infrastructures in implementing access control systems. In this paper, the authors incorporate the notion of Trust into Role Based Access Control model (TRBAC) and propose an infrastructure-centric enforcement framework. With the RBAC extension, trust level requirements, which dictate the trust prerequisites for role activation under the privilege context, can be specified. The comprehensive trust model, which evaluates the user's trust in multiple contexts, is proposed.