Abstract
In security, services are too often understood not from first principles but via the characteristic mechanisms used for their delivery. Access control had become tied up with DAC, MAC, RBAC and reference monitors. With developments in distributed systems security and with the opening of the Internet for commercial use, new classes of access control mechanisms became relevant that did not fit into the established mold. Trust Management was coined as a term unifying the discussion of those mechanisms. We view trust as a placeholder that had its use in driving this research agenda, but argue that trust is so overloaded that it is now an impediment to further progress. Our petition asks for a return to access control and proposes a new framework for structuring investigations in this area.
© 2011 International Federation for Information Processing
Cite this paper
Gollmann, D. (2011). From Access Control to Trust Management, and Back – A Petition. In: Wakeman, I., Gudes, E., Jensen, C.D., Crampton, J. (eds) Trust Management V. IFIPTM 2011. IFIP Advances in Information and Communication Technology, vol 358. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22200-9_1
DOI: https://doi.org/10.1007/978-3-642-22200-9_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22199-6
Online ISBN: 978-3-642-22200-9
eBook Packages: Computer Science (R0)