Lee, AJ and Winslett, A and Basney, J and Von, W
(2006)
Traust: A trust negotiation-based authorization service for open systems.
Master's Thesis, University of Pittsburgh.
![[img]](http://d-scholarship.pitt.edu/style/images/fileicons/text_plain.png) |
Plain Text (licence)
Available under License : See the attached license file.
Download (1kB)
|
Abstract
In recent years, trust negotiation (TN) has been proposed as a novel access control solution for use in open system environments in which resources are shared across organizational boundaries. Researchers have shown that TN is indeed a viable solution for these environments by developing a number of policy languages and strategies for TN which have desirable theoretical properties. Further, existing protocols, such as TLS, have been altered to interact with prototype TN systems, thereby illustrating the utility of TN. Unfortunately, modifying existing protocols is often a time-consuming and bureaucratic process which can hinder the adoption of this promising technology. In this paper, we present Traust, a third-party authorization service that leverages the strengths of existing prototype TN systems. Traust acts as an authorization broker that issues access tokens for resources in an open system after entities use TN to satisfy the appropriate resource access policies. The Traust architecture was designed to allow Traust to be integrated either directly with newer trust-aware applications or indirectly with existing legacy applications; this flexibility paves the way for the incremental adoption of TN technologies without requiring widespread software or protocol upgrades. We discuss the design and implementation of Traust, the communication protocol used by the Traust system, and its performance. We also discuss our experiences using Traust to broker access to legacy resources, our proposal for a Traust-aware version of the GridFTP protocol, and Traust's resilience to attack. Copyright 2006 ACM.
Share
| Citation/Export: |
|
| Social Networking: |
|
Details
| Item Type: |
Other Thesis, Dissertation, or Long Paper
(Master's Thesis)
|
| Status: |
Published |
| Creators/Authors: |
| Creators | Email | Pitt Username | ORCID  |
|---|
| Lee, AJ | adamlee@pitt.edu | ADAMLEE | | | Winslett, A | | | | | Basney, J | | | | | Von, W | | | |
|
| Date: |
4 September 2006 |
| Date Type: |
Publication |
| Access Restriction: |
No restriction; Release the ETD for access worldwide immediately. |
| Journal or Publication Title: |
Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT |
| Volume: |
2006 |
| Page Range: |
39 - 48 |
| Event Type: |
Conference |
| Institution: |
University of Pittsburgh |
| Schools and Programs: |
Dietrich School of Arts and Sciences > Computer Science |
| Thesis Type: |
Master's Thesis |
| Refereed: |
Yes |
| ISBN: |
1595933549, 9781595933546 |
| Date Deposited: |
05 Dec 2012 19:53 |
| Last Modified: |
02 Feb 2019 16:56 |
| URI: |
http://d-scholarship.pitt.edu/id/eprint/16566 |
Metrics
Monthly Views for the past 3 years
Plum Analytics
Actions (login required)
 |
View Item |
![[feed]](/images/feed-icon-32x32.png){kind=icon}