Distributed credential chain discovery in trust management

摘要

We introduce a simple Role-based Trust-management language RT_0 and a set-theoretic semantics for it. We also introduce credential graphs as a searchable representation of credentials in RT_0 and prove that reachability in credential graphs is sound and complete with respect to the semantics of RT_0. Based on credential graphs, we give goal-directed algorithms to do credential chain discovery in RT_0, both when credential storage is centralized and when credential storage is distributed. A goal-directed algorithm begins with an access-control query and searches for credentials relevant to the query, while avoiding considering the potentially very large number of credentials that are unrelated to the access-control decision at hand. This approach provides better expected-case performance than bottom-up algorithms. We show how our algorithms can be applied to SDSI 2.0 (the 'SDSI' part of SPKI/SDSI 2.0). Our goal-directed, distributed chain discovery algorithm finds and retrieves credentials as needed. We prove that the algorithm is correct by proving that the algorithm is sound and complete with respect to the credential graph composed of the credentials it retrieves, and that the algorithm retrieves all credentials that constitute a traversable chain. We further introduce a storage type system for RT_0, which guarantees traversability of chains when credentials are well typed. This type system can also help improve search efficiency by guiding search in the right direction, making distributed chain discovery with large number of credentials feasible.