Trust management in a distributed environment

29th Annual International Computer Software and Applications Conference (COMPSAC'05) Pub Date : 2005-07-26 DOI:10.1109/COMPSAC.2005.163

B. Thuraisingham

{"title":"Trust management in a distributed environment","authors":"B. Thuraisingham","doi":"10.1109/COMPSAC.2005.163","DOIUrl":null,"url":null,"abstract":"Cybercrime as well as threats to national security are costing U.S. organizations billions of dollars each year. These organizations could be government organizations, financial corporations, medical hospitals and academic institutions. There is a critical need for organizations to share data within and across the organizations so that analysts could analyze the data, mine the data, and make effective decisions. Each organization could share information within the infosphere of that organization. An infosphere may consist of the data, applications and services that are needed for the operation of the organization. Organizations may share data with one another across what is called a global infosphere that spans multiple infospheres. While access control is an important security concern for organizational data sharing, managing trust is also an important consideration. For example, A may have the authorization to share the data with B, but A may not trust B. Trust management and negotiation has been studied extensively by Winslett et al. and Bertino et al. in the systems TrustBuilder and TrustX. In this paper we will discuss the issues on managing trust in a distributed environment. Much of the discussion is based on the work on secure knowledge management (Bertino et al. 2005).","PeriodicalId":419267,"journal":{"name":"29th Annual International Computer Software and Applications Conference (COMPSAC'05)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"29th Annual International Computer Software and Applications Conference (COMPSAC'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC.2005.163","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

Cybercrime as well as threats to national security are costing U.S. organizations billions of dollars each year. These organizations could be government organizations, financial corporations, medical hospitals and academic institutions. There is a critical need for organizations to share data within and across the organizations so that analysts could analyze the data, mine the data, and make effective decisions. Each organization could share information within the infosphere of that organization. An infosphere may consist of the data, applications and services that are needed for the operation of the organization. Organizations may share data with one another across what is called a global infosphere that spans multiple infospheres. While access control is an important security concern for organizational data sharing, managing trust is also an important consideration. For example, A may have the authorization to share the data with B, but A may not trust B. Trust management and negotiation has been studied extensively by Winslett et al. and Bertino et al. in the systems TrustBuilder and TrustX. In this paper we will discuss the issues on managing trust in a distributed environment. Much of the discussion is based on the work on secure knowledge management (Bertino et al. 2005).

查看原文本刊更多论文

分布式环境中的信任管理

网络犯罪以及对国家安全的威胁每年给美国企业造成数十亿美元的损失。这些组织可以是政府组织、金融公司、医疗医院和学术机构。组织迫切需要在组织内部和组织之间共享数据，以便分析人员能够分析数据、挖掘数据并做出有效的决策。每个组织都可以在该组织的信息圈内共享信息。信息圈可能由组织运行所需的数据、应用程序和服务组成。组织可以跨所谓的跨多个信息域的全局信息域彼此共享数据。虽然访问控制是组织数据共享的一个重要安全问题，但管理信任也是一个重要的考虑因素。例如，A可能有权与B共享数据，但A可能不信任B。Winslett等人和Bertino等人在TrustBuilder和TrustX系统中对信任管理和协商进行了广泛的研究。在本文中，我们将讨论分布式环境中的信任管理问题。大部分讨论都是基于安全知识管理方面的工作(Bertino et al. 2005)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

29th Annual International Computer Software and Applications Conference (COMPSAC'05)

自引率

0.00%

发文量