Abstract
Emerging electronic commerce services that use public-key cryptography on a mass-market scale require sophisticated mechanisms for managing trust. For example, any service that receives a signed request for action is forced to answer the central question “Is the key used to sign this request authorized to take this action?” In some services, this question reduces to “Does this key belong to this person?” In others, the authorization question is more complicated, and resolving it requires techniques for formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, and deferring trust to third parties. Blaze, Feigenbaum, and Lacy [1] identified this trust management problem as a distinct and important component of network services and described a general tool for addressing it, the PolicyMaker trust management system.
At the heart of a trust management system is an algorithm for compliance checking. The inputs to the compliance checker are a request, a policy, and a set of credentials. The compliance checker returns yes or no, depending on whether the credentials constitute a proof that the request complies with the policy. Thus a central challenge in trust management is to find an appropriate notion of “proof” and an efficient algorithm for checking proofs of compliance.
In this paper, we present the notion of proof that is used in the current version of the PolicyMaker trust management system. We show that this notion of proof leads to a compliance-checking problem that is undecidable in its most general form and is NP-hard even if restricted in several natural ways. We identify a special case of the problem that is solvable in polynomial time and is widely applicable. The algorithm that we give for this special case has been implemented and is used in the current version of the PolicyMaker system.
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
References
M. Blaze, J. Feigenbaum, and J. Lacy, Decentralized Trust Management, in Proceedings of the Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos, 1996, pp. 164–173.
M. Blaze, J. Feigenbaum, P. Resnick, and M. Strauss, Managing Trust in an Information-Labeling System, European Transactions on Telecommunications, 8 (1997), pp. 491–501. (Special issue of selected papers from the 1996 Amalfi Conference on Secure Communication in Networks.)
Y.-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss, REFEREE: Trust Management for Web Applications, World Wide Web Journal, 2 (1997), pp. 127–139. (Reprinted from Proceedings of the 6th International World Wide Web Conference, World Wide Web Consortium, Cambridge, 1997, pp. 227–238.)
D. Denning, Cryptography and Data Security, Addison-Wesley, Reading, 1982.
S. Even, A. Selman, and Y. Yacobi, The Complexity of Promise Problems with Applications to Public-Key Cryptography, Information and Control, 61 (1984), pp. 159–174.
M. Garey and D. Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness, Freeman, San Fancisco, 1979.
M. A. Harrison, W. L. Ruzzo, and J. D. Ullman, Protection in Operating Systems, Communications of the ACM, 19 (1976), pp. 461–471.
A. K. Jones, R. J. Lipton, and L. Snyder, A Linear Time Algorithm for Deciding Security, in Proceedings of the Symposium on Foundations of Computer Science, IEEE Computer Society Press, Los Alamitos, 1976, pp. 33–41.
J. Lacy, D. P. Maher, and J. H. Snyder, Music on the Internet and the Intellectual Property Protection Problem, in Proceedings of the International Symposium on Industrial Electronics, IEEE Press, New York, 1997, pp. SS77–SS83.
R. Levien, L. McCarthy, and M. Blaze, Transparent Internet E-mail Security, http://www.cs.umass.edu/~lmccarth/crypto/papers/email.ps
E. Tardos, The Gap Between Monotone and Non-monotone Circuit Complexity is Exponential, Combinatorica, 8 (1988), pp. 141–142.
T. Y. C. Woo and S. S. Lam, Authorization in Distributed Systems: A New Approach, Journal of Computer Security, 2 (1993), pp. 107–36.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blaze, M., Feigenbaum, J., Strauss, M. (1998). Compliance checking in the PolicyMaker trust management system. In: Hirchfeld, R. (eds) Financial Cryptography. FC 1998. Lecture Notes in Computer Science, vol 1465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055488
Download citation
DOI: https://doi.org/10.1007/BFb0055488
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64951-9
Online ISBN: 978-3-540-53918-6
eBook Packages: Springer Book Archive