|
The network infrastructure configuration system [6] integrates trust enforcement and
representation in a composite way. The enforcement engine uses certificates only
to authorize the holder of the certificate to perform certain actions. It is not
convenient to include certain user's attributes in these certificates. The
corresponding control policy is expressed in a set of assertions, which can
include programs provided by the resource server that are executed as part of
compliance checking when a request is made, which makes this system unique.
The KeyNote system [7] is a simplified version of the PolicyMaker system with
certain extensions for a variety of Internet-based applications. The trust
representation in the KeyNote system is a single, unified language for local
policies and credentials. These policies and credentials contain predicates that
describe the trusted actions permitted by the holders of specific public keys,
which are called assertions. The trust enforcement becomes natural when these
assertions are essentially small, highly structured programs. Credential assertions,
which also serve the role of certificates, have the same syntax as policy assertions
but are also signed by the principal delegating the trust. According to their
specifications, the trust relationships implied in these systems need to be
manually set by administrators
|
