Synonyms
Related Concepts
Attribute-Based Access Control; Digital Credentials; Trust Negotiation
Definition
Trust management refers to the process of deciding whether the execution of a requested action is authorized by the combination of a local security policy and digitally signed assertions issued by trusted remote parties.
Background
The trust management problem was first described in 1996 by Blaze, Feigenbaum, and Lacy in their seminal paper “Decentralized Trust Management” [5]:
It is our thesis that a coherent intellectual framework is needed for the study of security policies, security credentials, and trust relationships. We refer collectively to these components of network services as the trust management problem.
The key observation made in this paper is that the growth of networked applications has fundamentally altered the information needed to make informed authorization decisions in computing systems. Rather than relying solely on the local...