4 Database Issues in Trust Management and Trust Negotiation
Dongyi Li¹, William Winsborough¹, Marianne Winslett² and Ragib Hasan²
¹ Department of Computer Science, University of Texas at San Antonio, dli@cs.utsa.edu, wwinsborough@acm.org
² Department of Computer Science, University of Illinois at Urbana-Champaign, (winslett,rhasan)@cs.uiuc.edu
Summary. Trust management is the process of managing authorization decisions in a decentralized environment where many of the participants do not have pre-established trust relationships, such as logins and passwords, with one another. Trust management is important for enterprise-level and cross-organizational database applications such as supply chain management, enterprise resource planning, and customer relationship management. Trust management research may also interest the database research community because of the former's affinity for a Datalog-based world, in which a query (authorization request) launches a multi-site search for a proof of authorization. To complicate the process, sites have autonomy and may not always cooperate in proof construction; it is not always obvious where to find the facts and rules needed to construct a proof; and attempts to access particular facts and rules may spawn new authorization requests.
1 Introduction to Trust Management
Authorization is one of the most important problems in computer security and privacy. It lies at the heart of meeting the objectives of confidentiality, integrity, and availability. Within a single organization, pre-established trust relationships are used to assign authorizations and prearranged information such as login names and passwords can serve as the basis for making authorization decisions at run time. For instance, an enterprise has pre-established trust relationships with its employees, so it is necessary only to authenticate that a certain resource request is being made by a certain employee for the request to be given appropriate authorization.
On the other hand, when resource provider and resource requester belong to different organizations or have no prior relationship whatsoever, there are no pre-existing trust relationships. This problem can be mitigated slightly by using manual procedures for cross-domain authentication and authorization, such as maintaining local logins and passwords (or lists of X.509 identities) for all employees in a partner company. However, even in the case of