Articles «Previous Next»

QuanTM: A Quantitative Trust Management System

Andrew G. West, University of Pennsylvania
Adam J. Aviv, University of Pennsylvania
Jian Chang, University of Pennsylvania
Vinayak S. Prabhu, University of Pennsylvania
Matthew A. Blaze, University of Pennsylvania
Sampath Kannan, University of Pennsylvania
Insup Lee, University of Pennsylvania
Jonathan M. Smith, University of Pennsylvania
Oleg Sokolsky, University of Pennsylvania

Article comments

European Workshop on System Security (EUROSEC 2009) 31 March 2009, Nuremberg, Germany

Abstract

Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based on upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation. Trust management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement.

This paper reports on QuanTM’s design decisions and novel policy evaluation procedure. A representation of quantified trust relationships, the trust dependency graph, and a sample QuanTM application specific to the KeyNote trust management language, are also proposed.

Suggested Citation

Andrew G. West, Adam J. Aviv, Jian Chang, Vinayak S. Prabhu, Matthew A. Blaze, Sampath Kannan, Insup Lee, Jonathan M. Smith, and Oleg Sokolsky. "QuanTM: A Quantitative Trust Management System" Departmental Papers (CIS) (2009).
Available at: http://works.bepress.com/jms/19


Download

Share