|
The network IP configuration is a rule-controlled environment and provides both a
general policy evaluation mechanism for web clients and servers and a language
for specifying trust policies. In the REFEREE model, trust enforcement is totally
under the control of trust representation. REFEREE places all trust decisions
under explicit policy control. Every action, including evaluation of compliance
with policy, happens under the control of certain policies. That is, REFEREE is a
system for writing policies about policies, as well as policies about cryptographic
keys, certification authorities, trust delegation, or anything else. Establishment of
trust relationships is ignored in this system, so it is not a complete federated trust
management system. As with the PolicyMaker and KeyNote systems, exchange
mechanisms are assumed in the underlying infrastructures.
|
