22 research outputs found
Policy Conflict Analysis in Distributed System Management
Accepted versio
Policy based roles for distributed systems security
Distributed systems are increasingly being used in commercial environments necessitating the development of trustworthy and reliable security mechanisms. There is often no clear informal or formal specification of enterprise authorisation policies and no tools to translate policy specifications to access control implementation mechanisms such as capabilities or Access Control Lists. It is thus difficult to analyse the policy to detect conflicts or flaws and it is difficult to verify that the implementation corresponds to the policy specification. We present in this paper a framework for the specification of management policies. We are concerned with two types of policies: obligations which specify what activities a manager or agent must or must not perform on a set of target objects and authorisations which specify what activities a subject (manager or agent) can or can not perform on the set of target objects. Management policies are then grouped into roles reflecting the organisation..
A Survey of Trust in Internet Applications
Trust is an important aspect of decision making for Intemet applications and particularly influences the specification of security policy i.e. who is authorised to perform actions as well as the techniques needed to manage and implement security to and for the applications. This survey examines the various definitions of trust in the literature and provides a working definition of trust for Intemet applications. The properties of trust relationships are explained and classes of different types of trust identified in the literature are discussed with examples. Some influential examples of trust management systems are described