Model Design And Security Analysis On Trust Management

With the advent of the Internet, distributed computing has become increasinglyprevalent. A number of new models of distributed computing have emerged. Traditionalauthorization is not fit for these systems. The trust-management approach todistributed-system security was developed as an answer to the inadequacy of traditionalauthorization mechanisms. Trust-management engines avoid the need to resolve"identity"in an authorization decision. The trust-management approach includes proofsthat requested transactions comply with local policies and system architectures thatencourage developers and administrators to consider an application's security policycarefully and specify it explicitly. This dissertation focuses on the model and securityanalysis of trust-management system. Following are the main results of this thesis:A novel role-based trust-management model with degrees of trust (RTDOT) isproposed. Degrees of trust are combined with trust management, and a fuzzyset-theoretic semantics is proposed.The problem of security analysis in SDSI is studied. The algorithms for decidingthe possible consequence of certain changes in certificates are devised. The primarysecurity properties are decidable. In particular, most properties are decidable inpolynomial time.