Trust Management Tools for Internet Applications

Trust management has received a lot of attention recently as it is an important component of decision making for electronic commerce, Internet interactions and electronic contract negotiation. However, appropriate tools are needed to effectively specify and manage trust relationships. They should facilitate the analysis of trust specification for conflicts and should enable information on risk and experience information to be used to help in decision-making. High-level trust specifications may also be refined to lower-leve implementation policies about access control, authentication and encryption. In this paper, we present the SULTAN trust management toolkit for the specification, analysis and monitoring of trust specifications. This paper will present the following components of the toolkit: the Specification Editor, the Analysis Tool, the Risk Service and the Monitoring Service.

[1]  Morris Sloman,et al.  A survey of trust in internet applications , 2000, IEEE Communications Surveys & Tutorials.

[2]  Joan Feigenbaum,et al.  KeyNote: Trust Management for Public-Key Infrastructures (Position Paper) , 1998, Security Protocols Workshop.

[3]  Joan Feigenbaum,et al.  The KeyNote Trust-Management System Version 2 , 1999, RFC.

[4]  Trevor Jim,et al.  SD3: a trust management system with certified evaluation , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[5]  Angelos D. Keromytis,et al.  Key note: Trust management for public-key infrastructures , 1999 .

[6]  Morris Sloman,et al.  Specifying and Analysing Trust for Internet Applications , 2002, I3E.

[7]  Audun Jøsang Prospectives for Modelling Trust in Information Security , 1997, ACISP.

[8]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[9]  Babak Sadighi Firozabadi,et al.  On the characterisation of a trusting agent - aspects of a formal approach , 2001 .

[10]  Audun Jøsang,et al.  The right type of trust for distributed systems , 1996, NSPW '96.

[11]  Laurie J. Hendren,et al.  SableCC, an object-oriented compiler framework , 1998, Proceedings. Technology of Object-Oriented Languages. TOOLS 26 (Cat. No.98EX176).

[12]  R. Chen,et al.  Poblano A Distributed Trust Model for Peer-to-Peer Networks , 2001 .

[13]  J. Feigenbaum,et al.  The KeyNote trust management system version2, IETF RFC 2704 , 1999 .

[14]  Yang-hua Chu Trust management for the World Wide Web , 1997 .

[15]  Paulo Veríssimo,et al.  Distributed Systems for System Architects , 2001, Advances in Distributed Computing and Middleware.

[16]  P. Venkat Rangan,et al.  An axiomatic basis of trust in distributed systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[17]  Audun Jøsang,et al.  A Subjective Metric of Authentication , 1998, ESORICS.

[18]  Tyrone W. Grandison Trust Specification and Analysis for Internet Applications , 2001 .

[19]  Joan Feigenbaum,et al.  REFEREE: Trust Management for Web Applications , 1997, Comput. Networks.