Implementation and Performance Analysis of the Role-Based Trust Management System, RTC

  • Tyler L. Hobbs
  • William H. Winsborough
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 321)


We present representations and algorithms for the implementation of RT C , a role-based trust management language, and announce an open-source implementation available to the public. We also design and perform large-scale performance tests on policies closely modeled after possible applications of RT in the real world. These tests aim to determine the viability of RT as an authorization solution for large and potentially complex policies in a decentralized environment; the results of the tests are analyzed to identify what policy characteristics most strongly affect the performance of RT and develop strategies to achieve the rapid response times required in real-world authorization systems.


Trust Management Virtual Organization Forward Search Query Response Time Constraint Domain 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)CrossRefGoogle Scholar
  2. 2.
    Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote trust-management system, version 2. IETF RFC 2704 (1999)Google Scholar
  3. 3.
    Clarke, D., Elien, J.E., Ellison, C., Fredette, M., Morcos, A., Rivest, R.L.: Certificate chain discovery in SPKI/SDSI. Journal of Computer Security 9(4), 285–322 (2001)Google Scholar
  4. 4.
    Gunter, C.A., Jim, T.: Policy-directed certificate retrieval. Software: Practice & Experience 30(15), 1609–1640 (2000)zbMATHCrossRefGoogle Scholar
  5. 5.
    Jim, T.: SD3: A trust management system with certified evaluation. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 106–115. IEEE Computer Society Press, Los Alamitos (2001)CrossRefGoogle Scholar
  6. 6.
    Li, N., Mitchell, J.C.: RT: A role-based trust-management framework. In: The Third DARPA Information Survivability Conference and Exposition (DISCEX III). IEEE Computer Society Press, Los Alamitos (2003)Google Scholar
  7. 7.
    Becker, M.Y., Sewell, P.: Cassandra: Distributed access control policies with tunable expressiveness. In: POLICY 2004: Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), Washington, DC, USA, p. 159. IEEE Computer Society, Los Alamitos (2004)CrossRefGoogle Scholar
  8. 8.
    Czenko, M., Tran, H., Doumen, J., Etalle, S., Hartel, P.H., den Hartog, J.: Nonmonotonic trust management for p2p applications. CoRR abs/cs/0510061 (2005)Google Scholar
  9. 9.
    Li, N., Winsborough, W.H., Mitchell, J.C.: Distributed credential chain discovery in trust management. Journal of Computer Security 11(1), 35–86 (2003)Google Scholar
  10. 10.
    Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society Press, Los Alamitos (2002)Google Scholar
  11. 11.
    Li, N., Mitchell, J.C.: Datalog with constraints: A foundation for trust management languages. In: Dahl, V., Wadler, P. (eds.) PADL 2003. LNCS, vol. 2562, pp. 58–73. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Mao, Z., Li, N., Winsborough, W.H.: Distributed credential chain discovery in trust management with parameterized roles and constraints (short paper). In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 159–173. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© IFIP 2010

Authors and Affiliations

  • Tyler L. Hobbs
    • 1
  • William H. Winsborough
    • 2
  1. 1.University of Texas at Austin 
  2. 2.University of Texas at San Antonio 

Personalised recommendations