Trust Management and Context-Driven Access Control

Trust Management and Context-Driven Access Control

Paolo Bellavista (University of Bologna, Italy), Rebecca Montanari (University of Bologna, Italy), Daniela Tibaldi (University of Bologna, Italy) and Alessandra Toninelli (University of Bologna, Italy)
Copyright: © 2008 |Pages: 18
DOI: 10.4018/978-1-59904-899-4.ch029
OnDemand PDF Download:
$37.50

Abstract

The increasing diffusion of wireless portable devices and the emergence of mobile ad hoc networks promote anytime and anywhere opportunistic resource sharing. However, the fear of exposure to risky interactions is currently limiting the widespread uptake of ad hoc collaborations. This chapter introduces the challenge of identifying and validating novel security models/systems for securing ad hoc collaborations, by taking into account the high unpredictability, heterogeneity, and dynamicity of envisioned wireless environments. We claim that the concept of trust management should become a primary engineering design principle, to associate with the subsequent trust refinement into effective authorization policies, thus calling for original and innovative access control models. The chapter overviews the state-of-theart solutions for trust management and access control in wireless environments by pointing out both the need for their tight integration and the related emerging design guidelines, that is, exploitation of context awareness and adoption of semantic technologies.

Key Terms in this Chapter

Trustor: An individual who sets up a trust or, in other words, the subject that has the possibility/responsibility to trust a target entity.

Middleware for Distributed Systems: A distributed software support layer which abstracts over the complexity and heterogeneity of the underlying distributed environment with its multitude of network technologies, operating systems, and implementation languages. The primary role of middleware is to ease the task of developing, deploying, and managing distributed applications by providing a simple, consistent, and integrated distributed programming environment.

Trust Management: The collection, maintenance, and processing of the information required to make a trust relationship decision, to evaluate the criteria related to trust relationships, and to monitor and re-evaluate existing trust relationships. The term was first defined by Blaze et al. (1996) as a unified approach to specifying and interpreting security policies, credentials, and relationships in order to allow direct authorization of security-critical actions.

Access Control: The ability to limit and control the actions/operations that a legitimate user of a computer system can perform. Access control constrains what a user can do directly, as well what programs executing on behalf of a user are allowed to do.

Context: Many definitions of context are available in the literature (Dey et al., 2001). The most accepted one defines “context” as any information useful for characterizing the state or the activity of an entity or the world in which this entity operates. An entity is a person, place, or object that is considered relevant to the interaction between a user and an application, including the user and applications themselves.

Reputation: The opinion that one entity builds about another entity. In particular, reputation refers to the general expectation about the future actions of an entity based upon past actions. Reputation can be exploited in trust management by providing one relevant element to consider for the trustor to assess the prospective trustee’s trustworthiness.

Semantic Technologies: Technologies that permit to add semantic metadata to information resources. Semantic metadata allow to effectively process data, for instance via automated inferences, that is, understanding what a data resource is and how it relates to other data independently of its name and syntax.

Recommendation: A communicated opinion about the trustworthiness of a third party entity.

Trustee: The entity (individual, access terminal, resource/service component) that is the object of a trust evaluation by a trustor (see the following definition).

Complete Chapter List

Search this Book:
Reset