International Journal of Scientific & Engineering Research Volume 2, Issue 3, March-2011 1

ISSN 2229-5518

Trust Enhanced Authorization for Distributed

Systems

Priyanka Dadhich, Dr. Kamlesh Dutta, Dr. M.C.Govil

Abstract— The trust –management approach to distributed system security is developed as an answer to the inadequacy of traditional authorization mechanism. The subjective concept of trust not only enables users to better understand the paradigm of pervasive computing, but also opens new direction of research for solving existing problems such as security [8], management of online communities or e-services lifecycle .This paper specifies research issues in the areas of authorization and trust in distributed environments involving mobile networks, pervasive and ubiquitous computing networks . We here discuss the notion of trusted computing and examine existing authorization mechanisms and their inadequacies. Next we define a logic program based languages and policies that facilitate the modeling process.To the end various approaches to trust enhanced security for overall authorization security in distributed systems are discussed.

Index Terms— Distributed, trust management, trusted computing, trust enhanced security, subjective trust

—————————— • ——————————

1 INTRODUCTION

RUST based security models have shown the poten- tial to overcome the drawbacks of traditional security models by ensuring a higher level of trustworthiness
of authorized entities and thus raising the security levels.
The paper lays emphasis on the design and do man-
agement of authorization policies for distributed applica-
tions and introduces the notion of trust enhanced autho-
rization to improve security decision making. Section two
confers design principles and architectural frameworks
for distributed authorization. Section three examine exist-
ing authorization mechanisms with their inadequencies.
Section four explains the trust –management approach as an answer to inadequacy of authorization mechanisms by exploring some trust management inference engines . Section five discusses authorization policies and languag-
es for trust modeling. Section six concludes and section seven puts forward some future prospects to enhance authorization using trusted platforms in distributed ap- plications.
Authorization in distributed system is called distri- buted authorization. It is much richer than authentication both in terms of types of privileges required, its nature and its degree of interaction between participating enti- ties. In earlier times, considerableefforts have been spent on formalizing security protocols and access control schemes for general distributed systems that include aut-
--------------------------------------

F.A. Author is Research Scholar with the Department of Computer

Science & Engineering ,National Institute of Technology, Hamirpur

(India). E-mail: prynkmshr@ gmail.com.

S.B. Author is Associate Professor with the Department of Computer

Science & Engineering, National Institute of Technology, Ha-

mirpur(India) E-mail: kd@nitham.ac.in

T.C. Author is professor with the Department of Coputer Engineering,

Malviya National Institute of Technology,Jaipur and presently working as the Principal Govt. Women Engineering College ,Ajmer (India)

E-mail:govilmc@yahoo.com
hentication logic and access control calculus by Abadi et al [36,4], a logic language for authorization specifications proposed by Jajodia et al [10], an access control policy description language proposed by Kurlowski [8] and Levier et al [6]. But these models combining authoriza- tion and authentication did not approach trust directly but rather deal with trust in an indirect way for identify- ing security flaws in the existing security protocols.

2 DESIGN PRINCIPLES FOR DISTRIBUTED

AUTHORIZATION(DA)

1. Designing of DA can only be accomplished by designing appropriate authorization attributes.
2. Designing should involve authorize information in the security service. Here security mechanisms are required to support these security service and the authorities involved in the management of the service[13].
3. Designing involves the locations where authori- zation checks can be made . These are:
a. CoarseLevel Check:These determine whether access to the application is allowed or not.
b. Function Access check: It is made on the type of function or operation being requested.
4. Designing of Distributed Authorization Service basically involves design of two distinct stages:
a. Administration Design Phase: Involves de- sign of facilities and services for the specifica- tion of authorization policies[15], updating and deleting of policies and their administra- tion.
b. Runtime or Evaluation Phase:It is concerned with the design of the use of these authoriza- tion policies in the evaluation of the access re- quests .

IJSER © 2011

IJSER © 2011

2 International Journal of Scientific & Engineering Research, Volume 2, Issue 3, March-2011

ISSN 2229-5518

Authorization Architecture Frameworks

• Authorization Architecture (AA) should involve to locate the static and generic authorization informa- tion i.e. responsible for a collection of clients and server principals[11].
• Frameworks should involve the dynamic and specific authorization information to be located near the tar- get enabling the target system authorities to be in- volved in their management.
• These specific and dynamic authorization informa- tion needs to be “ pulled” at the time of the decision process.
• Authorization frameworks consists of components like administration component where the authoriza- tion policies[6] are entered and stored in one repre- sentation and a runtime evaluation component that stores the authorization rules at a different represen- tation for runtime access[40].

3 INADEQUACIES WITH SECURITY MECHANISMS

One security mechanisms used in Operating System is the ACL(Access Control Lists). This ACL is a list describing which access rights a principal has on an object(resource). Foe eg: UNIX file system “permissions” mechanisms is essentially an ACL. But unfortunately these ACL ‘s are inadequate for distributed systems(DS). These are:
1. Authentication : In DS, identity of principal is not known but known in OS. Since authentica- tion is accomplished by username/ password mechanisms so this simple password-based pro- tocols are inadequate in network computing en- vironments[4]. Here simple eavesdropping can destroy security.
2. Delegation: Delegation enables decentralization of administrative tasks. It is needful for scalabili- ty of DS. In DS, policy(or authorization)[15] are specified at the last step in the delegation chain( the entity enforcing policy) in form of an ACL. This leads to inconsistencies among locally speci- fied sub-policies[45] .
3. Expressibility and Extensibility: ACL approach do not provide sufficient expressibility or exten- dibility[24] . Hence may security policy elements that are not directly expressible in ACL form should have to be hard-coded into applications. Hence whenever there is change in security poli- cy it often requires reconfiguration, rebuilding
the lack of alternatives that suit to DS.

4 TRUST MANAGEMENT

The term ‘trust management’ was first introduced by Blaze et al [5] { role of trust management in security} . It is a unified approach specifying and interpreting security policies, credentials and relationships that allows direct authorization of security critical actions. These trust- management approach developed as an answer to the inadequacy of previous authorization mechanisms.
Trust Management system combines the notion of spe- cifying security policy with the mechanisms for specify- ing security credentials. Credentials describe specific del- egation of trust among public keys that bind keys to names, to perform specific tasks. These system supports delegation, policy specification, refinement at the differ- ent layers of a policy hierarchy. So, the system solves the consistency and scalability problems present in ACLs. Role of various components in Trust Management Archi- tecture are:
1. Trust Manager: key component of proposed ar-
chitecture that provides trust management ser-
vices.
2. Trust Inference Engine: built on subjective logic primitives[30] .
3. Trust Policy Base: contains established trust rela- tionships.
4. Trust Update: dynamically update the trust rela- tionships in the trust base.
5. Trust Decision: provide trust decision from an owner host to requesting entities by preparing an itinerant computation.Trust decisions come from a set of trust based on initial set of trust relation- ships, recommended trust from others and ob- servations of trust related actions over time[10].

Recommendation Protocol:These protocols are initiated by trust manager in the event of seeking trust information from its trusted entities about other unknown hosts[15]. This protocol helps to maintains a list of hosts ( in its trust base) that are trusted for making recommenda- tions.Recommendation is simply an attempt at communi- cating a party’s reputation from one community context to another[20]. A poor recommendation may be detri- ment-mental to one’s reputation and there is no separate term for “negative recommendation”.

and rewriting of applications.
4. Local Trust Policy: Since the number of adminis-
trative entities in a DS are very large so each enti-
ty is given a different (local) trust model to be
used by different users and by other entities.
For example: System A may trust System B to authenti- cate its users correctly but system A do not trust system C but system B trust system C.
All above security mechanisms are insecure, inade- quate and non-scalable authentication mechanisms that are used in conjunction with ACLs. All these unintuitive-

Trust

Update

Recommendation

Protocol

Trust Policy

Base

Trust

Decision

Trust Manager

Trust Management Inference Engine

ness and problematic mechanisms are in use because of

Fig.1 Trust Management Architecture

IJSER © 2011

3 International Journal of Scientific & Engineering Research, Volume 2, Issue 3, March-2011

ISSN 2229-5518

4.1 Trust Management Inference Engine(TMIE)

It is a separate system component that takes input, out- puts a decision about whether compliance with policy is proven or not and if not proven then outputs some addi- tional information detailing how to proceed.

TMIE avoid the need to resolve “identities” in an authorization decision. These engines express privileg- es and restrictions in a programming language allow- ing for increased flexibility and expressibility and standardization of modern, scalable security mechan- isms.

4.2 Designing of Trust Management Inference

Engine

• Design should lay principals for defining proof of compliance.

• There should be some language or notations to express the policies and credentials.

4.3 Tools designed to avoid inadequacies in

Distributed Authorization

1. PolicyMaker: It was the first tool for processing signed request embodying the trust manage- ment. It addresses the authorization problem di- rectly rather than handling the problem indirect- ly by authentication or access control. Creden- tials and policies of PoylicyMaker are fully pro- grammable and so called “assertions”.
PolicyMaker is a trust management applica- tion that specifies what a public key is authorized to do[22]. PolicyMaker system is essentially a querry engine tool that can either built into ap- plications or run as a daemon service.
2. KeyNote: KeyNote[4] [10]. It has same design principals as Policymaker. Keynote uses creden- tials that directly authorize actions instead of di- viding the authorization task into authentication and access control as in PolicyMaker.
In KeyNote, standardization and ease of inte- gration is developed to give applications. So, KeyNote assign more responsibility to Trust ma- nanagement engine and less function to calling application. By fixing a specific and appropriate assertion language, KeyNote goes further than PolicyMaker toward facilitating efficiency, inte- roperability and widespread use of written cre- dentials and policies.
3. REFEREE: This system fully supports pro- grammability of assertions(i.e. policies and cre- dentials) just like PolicyMaker. REFREE execu- tion environment allows assertion programs to call each other as subroutines and to pass differ- ent arguments to different subroutines[18]. While PolicyMaker execution environment requires that each assertion program write anything that it wants to communicate , on a global blackboard i.e. seen by all other assertions. Refree system supports a more complicated form of inter- assertion communication than PolicyMaker.

4.4 Application Areas of Trust Management System

• In active networks
• In Mobile Code security
• In Access control Distributions

5 AUTHORIZATION POLICIES AND POLICY

LANGUAGES

A fundamental objective of any authorization system is to enable , to represent and to evaluate a range of access policies that are relevant and required. These policies cap- ture the authorization requirements of the distributed applications.
Policy languages are useful in separating out the policy representation from policy enforcement. Some languages given in [8,10,11]{authorization and trust enhanced secu- rity for DA}are solely dedicated for specifying authoriza- tion policies. Languages discussed in [6,7] are mathemati- cal logic based, some are graph based and some languag- es[8,9,10] are programming based. A standard policy lan- guage is useful for interoperability between different sys- tems and applications.
Policy language’s such as [18, 19, 20]{trust magmt sur- vey} make it possible to automatically determine whether certain credentials are sufficient for performing certain actions or not to authorize the trustee. One trust man- agement framework called Sultan trust management in- clude a language for describing trust and recommenda- tion relationships in the system. Constraints can easily be attached to these relationships and through them , the relationships can be connected to the Ponder policylan- guage[22]{trust mangmt survey}.
Sufficient flexible policy system provide the backbone for a trust management system. Tonti et al[21] compare three languages for policy representation and reason- ing[23]{. KAoS[24, 25] , Rei[21] and Ponder [16]are used as the basic languages for sketching some general proper- ties desirable in future work on policy semantics.

5.1 Features of Policy languages

• Policy Language should deal with expression and do structuring of complex and dynamic rela- tionships.
• Languages should be simple enough to enable the administrators and policy setters to use the language in specifying their policies.
• Language should have significant expressive and analytical power to represent and evaluate a range of policies used in practical systems.

5.2 Advantages of Policy Languages

• Use of these languages helps the administrators to save time and money because they are not re- quired to rewrite their policies in many different programming languages.
• Developers are not require to invent new policy languges and write code to support them, so time is saved for developers.

IJSER © 2011

4 International Journal of Scientific & Engineering Research, Volume 2, Issue 3, March-2011

ISSN 2229-5518

• If policy languages are standardized , there are good opportunities for emerging good tools for writing and managing policies for a policy lan- guage.

5.3 Authorization Policies

These policies can range from simple identity based to complex dynamic and collaboration policies[24][12]. Some commonly used access policies are:
• Identity based policies
• Group based policies
• Role based policies
• Delegation policies
• Static separation of duty policies
• Dynamic separation of duty and Chinese wall policies
• Joint action policies
• Collaboration access policies

6 A PPROACHES TO TRUST ENHANCED SECURITY

Trust enhanced security services require some form of “trusted “ authorities to establish and manage “trust” between the mutually suspicious entities A and B over an untrusted network.
For authorization services, we have trust manage- ment components, authorization policies and mechan- isms. Though the term trust is being used around many decades in different disciplines, but in security the con- cept of trust came in late 1970’s.
With the development of TCSEC(Trusted Computer System Evaluation Criteria)[26] , trust is used in the system’s model , design and implementation for its cor- rectness and security. Afterwards, came TCB(Trusted Computer Base)that encapsulates all the security rele- vant components i.e. both hardware and software that are necessary for enforcing security policies in a system. Trust is the firm belief in the competence of an entity to act dependently, securely and reliably within a speci- fied context[27].

6.1 Trust Notions

Trust provides better understanding of security and privacy problems.
• It acts as centralized control in a system.
• It issues resources to build reputation.
• It performs separation of concern.
Trust records feedback about the security evaluations of other nodes. Trust management enables the trust sys- tem to track the behaviour of each node and make cor- responding reactions to the tracked behaviours. Trust management can establish a set of effective rules to make a reliable analysis of certain suspicious nodes.

6.2 Concept of Trust Management

Trust Management focuses on designing languages, compliance checkers, identifying applications and building practical toolkits. Beth et al [20] is one of the
earliest trust models for authentication in distributed system focusing on relationship modeling whereas Ab- adi et al [11] {same} presented a modal logic based trust model for modeling distributed authentication and access control. Blaze et al [12] proposed a new well-known trust management system. The common shortcoming of these models is that they did not ad- dress the trust based on behavior or past experiences dynamically. Lin and Varadharajan [13] developed trust model for agent security management, but this model did not taken into account security risks that it- self trust model has brought. So, all above factors, lead to the research for development of trust enhanced secu- rity models for distributed systems.
Later, Kagal et al [23] { a trust based security system for ubiquitous and pervasive computing} presented an architecture based on trust management applicable to distributed system and towards pervasive computing environments. This trust based architecture has a secu- rity policy i.e. responsible for assigning credentials to entities, delegating trust to third parties and reasoning about user’s access rights. Ngai and Lyu provide a public key authentication service based on a trust mod- el to monitor malicious and colluding nodes. This mod- el allows mobile nodes in distributed system to monitor and rate each other with an authentication metric. The trust value can be updated in conjunction with public key certification. Zhu et al attempt to establish a secure route from a source node S to a designated node D, and provide an approach to calculate the trust value by ap- plying a delegation graph. The mapping between a del- egation edge and an authenticated transition graph is used to compute the trust value based on the transitive property.

6.3 Trust Management Authority

Below architecture is “rule-based” and “event-based” architecture.Here rules are used to define the policy of the trust management authority and categorize events that may occur in transactions. This architecture is adaptable to various domains of service oriented appli- cations.
For provision of security services, trusted authorities such as authorization server and authentication server are involved that provide complete trust. For example: if entities A and B trust the authorization server (AS), this server will perform functions of A and B correctly and honestly. This AS will keep the authorization poli- cies securely , perform authorization checks correctly and ensure that software of AS is free from any mali- cious software.Trust management system such as[31,32,33,34,35] are designed to support specification, acquisition, revocation, degradation and evolution of trust according to some model. It is the unified ap- proach for specifying and inter interpreting security policies, credentials and relationships that allow direct authorization of security-critical actions[31].

Examples as described above: Some automated trust

management systems are: PolicyMaker[23], Key-
Note[9], REFEREE[17] being delegated.

IJSER © 2011


5 International Journal of Scientific & Engineering Research, Volume 2, Issue 3, March-2011

ISSN 2229-5518


.

Rule Base

Rule Management Agent

Trust

Event

Database

Event

Management

Agent

Authority

Interface

Client

Database

Client

Management

Agent

Security

Management

• Enable trust management and its integration with the underlying security mechanisms for enhancements of security performance with help of hard trust models. Trust management systems can be designed that helps to feed- back the trust decisions back to the underly- ing security mechanisms for performance en- hancements.
2. Soft Trust:Soft trust is based on trust relation- ships derived from localized and external ob- servations of system entity behavior[1]. These trusts are obtained through social control me- chanisms such as direct observations, recom- mendations or combination of both.
Many trust models [42,43] } are taken into

Evaluation

Agent

Agent

Agent

Service

Provider

Communication

Management

Agent

soft trust models. Examples are subjective log- ic based trust model developed by Josang [30] and classical model of Beth et al [49].

Benefits of Soft Trust Models:

Trust

Database

Formula

Base

Clients

Management

Agent

Service Provider Database

• Social control principles are extensively stu-
died in soft trust models so as to do research and to develop counter measures for mali- cious behavior in general distributed systems [19,6,18].

Fig.2 Trust Management

6.3 Hybrid Trust

Authority

• It gives linking between behavior and evi- dence through mapping .
• By help of trust management operations,
these soft trust models can calculate dynamic
It is a composite trust relationship formed by combining
hard and soft trust.
1. Hard Trust: Denotes the trust relationships
that can be derived from the underlying cryp-
tography based security mechanisms such as
digital certificates and cryptographic check-
sums.
These trust relationships indicate one
agent host’s belief in another in terms of au-
thentication of the relevant host’s identity (i.e.
authentication trust)and the belief in the be-
nevolence and competence of another host in producing good code (i.e. code trust) and the belief in the honesty and faithful and compe- tent execution of the task requested by a visit-
ing mobile agent i.e. migrating node or pro- gram called Execution Trust [3].

Benefits of hard trust Models:

• Enable trust to be extracted from the security mechanism: by extracting trust from security mechanisms, we are able to find actual trust requirements of the underlying security me- chanisms that helps us to make more effective security decisions.
• Enable categorization of hard trust related se- curity mechanisms: using the hard trust no- tion , we can determine a range of hard trust mechanisms that can process and manage the hard trust information and helps to build trust models that can work with security models effectively.
trust valuations based on the opinion calculus which is used for flexible trust decision mak- ing based on the specified thresholds for dif- ferent trust requirements, in the form of sev- eral trust enhanced security protocols[34].
• Through these trust management protocols , the operations of recommendation based trust update and the end of transaction trust up- date make the distributed trust management possible.

7 CONCLUSION

In this literature , we have addressed some research is- sues in areas of authorization and trust in distributed en- vironments. Some key design principles, policy lan- guage’s and mechanisms, are discussed for the develop- ment of distributed authorization service. Trust manage- ment authority and hybrid trust concepts are explored to outline an idea for enhancing security concerns in distri- buted systems.

8 FUTURE WORK

With the development of term TCPA[39](Trusted Compu- ting Platform Alliance){authorization and trust enhanced security for distributed application}, currently known as TCG (Trusted Computing Group) lead to the discovery of trusted platform technology comprising of a hardware based subsystem devoted to maintaining trust and securi- ty between machines. With the help of the availability of

IJSER © 2011

6 International Journal of Scientific & Engineering Research, Volume 2, Issue 3, March-2011

ISSN 2229-5518

trusted platform[33] and its characteristics any two enti- ties that want to communicate with each other, has to go through trust determination phase before performing authorization at the beginning of the authorization process.
This above scheme can be extended to transfer autho- rization policies between two authorization server sys- tems in two different domains. We currently need to de- velop such a distributed Authorization service on trusted platforms[39]. Also need to develop an application i.e. showing secure access of its operations using trust en- hanced distributed authorization service[38]. Example of applications can be any military application, network management operations, healthcare applications or any e- commerce applications or any other[2].

REFERENCES

1. Heather, J., Hill, D.,:I’m Not Signing That! In Di- mitrakos, T., MArtinelli, f., eds.: proceedings of the 1st Int’l Wksp on Formal Aspects in security and trust (FAST 2003), Pisa, Itlay(2003)71-81.
2. Ishaya, T., Mundy, D. P.:Trust development and
management in virtual communities. In Trust
Management : 2nd international conference ,itrust
2004, Oxford 2004.
3. Rindeback, C., Gustavsson, R.,: Why Trust is hard-Challenges in e-mediated services. In: Pro- ceedings of the 7th Int’l wksp on Trust in Agent societies, New York, USA ,2004.
4. Lampson. B., Abadi, M., Burrows, M., Wobber,
E.,: Authentication in distributed systems: theory and practice. ACM Trans. On Computer Science
10(4),1992.
5. Lampson. B., Abadi, M., Burrows, M., Plotkin,
G.,: A calculus for access control in distributed
systems. ACM Trans. On programming languag-
es and systems 15(4),1993.
6. Jajodia, S., Samarati, P., Subrahmanian, V.S.: A
logic language for expressing authorizations. In:
Proc. IEEE Symp. On research in security and
privacy, pp.31-42, 1997.
7. Maurer, U.,: Modelling a public key infrastruc- ture. In : Martella, G., Kurth, H., Montolivo, E., Bertino, E.(eds) ESORICS 1996. LNCS, vol 1146
Springer , 1996.
8. Levien, R., Aiken, A.,: Attack –resistant trust
metrics for public key certification. In: Proceed- ings of 7th USENIX security Symposium , 1998.
9. M. Blaze, J.Feigenbaum, J. Ioannidis and A. Ke- romytis. The KeyNote Trust-Management .Work in Progress, http://
www.cis.upenn.edu/angelos/keynote.html.
10. M. Blaze, J.Feigenbaum, J.Lacy. Decentralized
Trust Management. In Proc. of the 17th Sympo-
sium on security and Privacy, pages 164-173.
IEEE Computer Society Press, Los Alamitos,1996.
11. V. Varadharajan, C. Crall and J. Pa-
to,”Authorization for Enterprise wide Distri-
buted Systems” Proceedings of the IEEE Com- puter security Applications Conference, AC- SA’98,1998 USA.
12. M. Hitchens and V. Varadharajan, “ower: A lan- guage for Role Based Access Control” proceed- ings of Int’l Wksp on Policies for Distributed Sys- tems and Networks,UK , 2001pp 88-106.
13. S. Indrakanti, V. Varadharajan , M. Hitchens and R. Kumar,”Secure Authorizations for Web Ser- vices” Proceedings of the 17th IFIP Conference on Data and Applications Security, USA, 2003.
14. S. Jajodia, P. Samarati and V.S. Subrahmanian,”
A Logical Language for Expressing Authoriza-
tions’,Proceedings of the IEEE Symposium on Se-
curity and Privacy, USA, 1997.
15. Y. Bai and V. Varadharajan ,’ A logic for State
transformations in Authorization Policies’ Pro-
ceedings of the IEEE Computer Security Founda-
tions Wksp, USA, 1997.
16. N. Damianou, N. Dulay, E. Lupu and M. Slo- man,”the ponder Policy specification Language’, proceedings of Int’l Wksp on Policies for Distri- buted systems and networks, UK, 2001, pp 88-
106.
17. Chu, Y. H.., Feigenbaum, J., LaMacchia, B., Res- nick , P., Strauss, M.: REFEREE: Trust Manage- ment for web Applications. Computer Networks and ISDN systems 29 (1997) 953-964.
18. Blaze, M., Feigenbaum, J., Keromytis, A. D..: KeyNote: Trust management for public-key in-
frastructures(position-paper) In: security proto- cols:6th Int’l Wksp , Cambridge, UK, April 1998. Proceedings. Volume LNCS Springer- Ver- lag(1998) 59-63.
19. T. Grandison and M. Sloman. A survey of trust
in internet application. IEEE Communications
Surveys, 2000.
20. T. Grandison and M. Sloman. Specifying and
analyzing trust for Internet applications. In : pro-
ceedings of 2nd IFIP Conference on e-commerce,
e-business , e- government 13e2002, Lisbon, Por- tugal 2002.
21. Tonti, G., Bradshaw, J. M., Jeffers, R., Montanari, R., Suri, N., Uszok, A.: Semantic web languages for policy representation and reasoning: A com- parison of KAoS, Rei and Ponder. In: The Seman-
tic Web – ISWC 2003. Vol LNCS 2870/2003.419-
437.
22. Damianou , N., Dulay, N., Lupu, E., Sloman, M.:
The Ponder policy specification language. In:
Wksp on Policies for Distributed System and
Networks HP Labs Bristol 29-31 Jan 2001. Vol
1995, 2001.
23. Kagal, L., Finin, T., Joshi, A., : a policy language
for a pervasive computing environment. In pro-
ceedings of tenth Knowledge Acquisition fpr
knowledge-based system wksp,1995.

IJSER © 2011

7 International Journal of Scientific & Engineering Research, Volume 2, Issue 3, March-2011

ISSN 2229-5518

24. Uszok, A., Bradshaw, J. M., Jeffers, R. : KAoS: A Policy and domain services framework for grid computing and semantic web services. In: Trust Management : Second Int’l Conference, itrust
2004, Oxford, UK, March 29-April1, 2004. Pro-
ceedings. Volume LNCS 2995/(2004) 16-26.
25. Bradshaw, J. M..: KAoS: An open agent architec-
ture supporting reuse, interoperability and ex-
tensibility . In : Proceedings of 10th Knowledge
Acquisition for Knowledge-Based Systems
Workshop(1995).
26. Dept. of Defense, “ trusted Computer System
Evaluation Criteria”,(TCSEC), DoD5200.28 STD
Dec. 198.
27. L. Kagal, T. Finin, A. Joshi. Trust based security in pervasive computing environments, Computer
34(2001) 154-157.
28. H. Zhu, F. Bao, R. H. Deng. Computing of trust
in wireless networks, In: proceedings of IEEE 60
th Vehicular technology Conference 2004, pp
2621-2624.
29. T. Grandison and M. Sloman. A survey of trust
in internet application. IEEE Communications
Surveys, , 2000.
30. A. Josang . A logic for uncertain probabilities .
Int’l journal of uncertainty, Fuzziness and know-
ledge based systems 2001.
31. G. Zacharia and P. Maes. Trust management
through reputation mechanisms. Applied Artifi-
cial Intelligence,2000.
32. C. Castelfranchi and R. Falcone. Principles of trust for mas: cognitive anatomy , social impor- tance and quantification. In Demazeau, y. (ed) proceedings of the 3rd int’l Conference on Multi- Agent systems, IEEE Computer Society, 1998.
33. C. Lin Trust Enhanced Security for MA, PhD the- sis, Macquarie University, August 2006.
34. C. lin V. VAradharajan, Y. Wang and V. Pruthi.
Trust enhanced security for MA. In 7th int’l IEEE
conference on e-commerce technology 2005, IEEE
Computer Society Press 2005.
35. B. Yu and M. Singh . A Social mechanisms of
reputation management in electronic communi-
ties. In M. Klusch and L. Kerschberg, editors,
CIA-2000 Wksp on Cooperative Information
Agents, 1860 of LNAI, Springer, 2000.
36. B. Lampson, M. Abadi, M. Burrows and E. Wob- ber, Authentication in distributed systems:theory and practice. ACM Transactions on Computer Systems, 1992.
37. TCPA “ Trusted Computing Platform Alliance”,
Building a trust in the PC, jan 2000, http://www.trustedcomputing.org(now known as trusted Computing Grpup, https://www.trustedcomputinggroup.org/home).
38. V. Varadharajan, “trust enhanced authorization
and its applications”, 2005.
39. B. Balacheff et al.,“ trusted computing Platforms: TCPA Technology in context“, Prentice-Hall,
2003.Ramdomly---
40. M. Burrows, M. Abadi, R. Needham, a Logic of authentication, In: proceedings of the 12 th ACM symposium on Operating Systems Principles,
1989.
41. D. L. Hoffman, T. P. Novak, M. Peralta, Building
consumer trust online, Communications of the
ACM 1999.
42. Abdul-Rahman , A., Hailes,S.,: A Distributed
Trust Model . In Proceedings , ACM New Securi-
ty paradigmsWorkshop’97, Cumbria, UK 1997.
43. Wagealla, W., Carbone, M., English, C., Terzis, S.,
Nixon. P.: A formal model on trust lifecycle man- agement. In : wksp on formal Aspects of security and trust (FAST 2003)at FM 2003. VOL IIT TR-
10/2003. IIT-CNR, Itlay 2003.

44. Resnick, P., Zeckhauser, R.,Friedman, E.,

Kuwabara, K.: reputation Systems. Communica- tion of the ACM ,2000.

45. R Yahalom,B Klein and T Beth. Trust relation- ships in secure systems-a didtributed authentica- tion perspective.Proceedings of IEEE Conference

on Research in Security and Privacy,1993.

46. B.Lampson,M. Abadi,M. Burrows, and

E.Wobber.Authentication in distributed sys-
tems:Theory and practice.ACm Transcations on
Compuetr Systems,1992,10(4),pp.265-310.

47. Matt Blaze,Joan Feigenbaum,and Jack

Lacy.Decentralised trust management .In Pro- ceedings of the 1996 IEEE conference on security and privacy,Oakland,CA may,1996,pp.164-173

48. C.Lin,V.Varadharajan,”Trust Enhanced Security- A New Philosophy for Secure Collaboration of

MobileAgents”Proceedings of the Workshop on Trusted Collaboration,part of Collaborate- Com2006,Atlanta,Georgia,USA.pp.17-20.

49. R. Yahalom, B. Klein ad T. Beth. Trust relation- ships in secure systems- a distributed authentica-

tion prospective. Proceedings of IEEE Conference on research in Security and Privacy, 1993.

IJSER © 2011