Programmable agents for generic distributed authorisation

The efficient management of authorisation policies is a critical process that can determine the success of distributed information systems. Current approaches manage authorisation policies based on independent user attributes with specific semantics. We are proposing an authorisation management system that represents attributes of any kind as labels and maintains their inter-dependencies. The system defines a set of peer instances of a specialised Web service called label agent which collectively annotate user public keys with chains or sets of labels. Its distributed nature makes the system more fault-tolerant and applicable in emerging technologies such as GRIDs and peer-to-peer networks