TOWARDS A NEXT-GENERATION TRUST MANAGEMENT INFRASTRUCTURE FOR OPEN COMPUTING SYSTEMS

摘要

Basically, there are two intertwined kinds of security mechanisms: monitoring including access control and cryptographic protocols. The purpose of an access control system is to enforce security policies by gating access to, and execution of, processes and services within a computing system. Specification and enforcement of permissions can be based on asymmetric cryptography. In order to employ asymmetric cryptography in open computing environments we need appropriate trust management infrastructures that enable entities to establish mutual trust. Management of trust is organized within a public key infrastructure, PKI for short. Credentials assert a binding between a principal, represented by a public key, and some property. Current proposals investigating the definition of PKI and the application of credential-based access control treat existing PKI models (e.g. X.509) and trust management approaches (e.g. SPKI/SDSI) as competing technologies. We take a different position. We argue here that a trust management infrastructure for open computing environments has to use and to link existing approaches. We explain which requirements a next-generation trust management approach has to fulfill. After presenting an application scenario, we finally outline the design of a next-generation trust management approach that we believe really would appear to be worthwhile for a broad spectrum of applications.