Dynamic Trust Management

Blaze, Matt; Kannan, Sampath; Lee, Insup; Sokolsky, Oleg; Smith, Jonathan M.; Keromytis, Angelos D.; Lee, Wenke

We continue to investigate the use of trust management techniques to specify dynamic policies in complex integrated service-oriented networks. For this work, we use the DoD GIG's service-oriented architecture as a focal point. In this research's initial phase, we are developing prototype dynamic trust management policy services for a service-oriented architecture. In our research's next phase, we will develop and analyze policies with properties that maintain strict separation between services while allowing exceptions. Finally, we are developing improved trust management languages and systems that more explicitly support dynamic policies in service-oriented architectures, based on the semantic and performance experiences gained in the research's first phases. Our focus will be twofold. First, we will explore adding trust-management language features that better support dynamic policies, based both on our experiences in the initial research and on the GIG's specific requirements. Second, we will conduct experiments to measure the performance implications of incorporating the trust management layer in the various layers of such systems. A significant open research question is whether trust management is architecturally best implemented as a low-level operating system service, an application-layer service, or somewhere in between.



Also Published In

More About This Work

Academic Units
Computer Science
Published Here
June 24, 2011