Nonmonotonic Trust Management for P2P Applications

Community decisions about access control in virtual communities are non-monotonic in nature. This means that they cannot be expressed in current, monotonic trust management languages such as the family of Role Based Trust Management languages (RT). To solve this problem we propose RT-, which adds a restricted form of negation to the standard RT language, thus admitting a controlled form of non-monotonicity. The semantics of RT- is discussed and presented in terms of the well-founded semantics for Logic Programs. Finally we discuss how chain discovery can be accomplished for RT-.Comment: This paper appears in the proceedings of the 1st International Workshop on Security and Trust Management (STM 2005). To appear in ENTC

Trust Negotiation With Nonmonotonic Access Policies

Abstract. We study the structure of nonmonotonic access policies for internet-based resources. We argue that such policies could be divided into two parts: the locally designed policies and imported policies. Imported policies should always be monotonic while the local policies could be nonmonotonic. We develop a safe proof procedure for nonmonotonic trust negotiation where safety means that access to a resource is granted only if its access policy is satisfied