Time validity in role-based trust management inference system

Abstract

The topic of this paper is RTT, a language from the family of Role-based Trust management (RT) languages, which is used for representing security policies and credentials in distributed large scale access control systems. A credential provides information about the privileges of users and the security policies issued by one or more trusted authorities. RT languages combine trust management and Role Based Access Control features. RTT provides manifold roles to express threshold and separation of duties policies. A manifold role defines sets of entities whose cooperation satisfies the manifold role. The goal of this paper is introduction of time validity constraints to show how that can make RTT language more realistic. The core part of the paper describes a sound and complete inference system, in which credentials can be derived from an initial set of credentials using a set of inference rules. © 2011 Springer-Verlag.