In this paper, readers will find protocols for computing the degrees of reluctance for software systems to reveal credentials that will allow users to gain access to resources. The authors’ insights include: a point-based trust (PBT) model for dynamically providing services rooted in access methods and credentials that limit the loss of privacy; a protocol for joint computation of the optimum total privacy scores of at-large credentials by a server and a client, without divulging the secret, sensitive parameters of both parties; and a fingerprint algorithm to enable the client to independently recover and validate the integrity of the computed optimal knapsack solution.
This is a comprehensive analysis of the issues of trust negotiation, management, and computation. Yao et al. show how to select a combination of credentials suited to the particular privacy scores for each credential. They discuss access control policies as a knapsack optimization problem, and offer a novel dynamic programming solution. The protocols advocated for realizing quantitative policies in trust management use semantically secure homomorphic encryption schemes widely, to provide protection against partly candid foes. The paper offers perceptive access control and PBT management ideas. Their two-party PBT framework ushers in new opportunities for the development of efficient solutions for multi-knapsack problems.
The design and implementation of quantifiable policies and protocols for trust management of access to resources in grid computing and the Internet entail answering nontrivial questions. Despite the recently promoted model for associating platform trust with behavioral policy [1], and the access and privacy policies for granting access to resources [2], many issues remain unresolved. For example, how should optimal values of arbitrarily rated credentials be computed and validated, so that they can be used to grant access to resources among entities in open ad hoc networks and e-commerce systems? How should satisfactory point-based trust be implemented in protocols designed for open systems in which providers and users have different and conflicting interests? This paper provides clear perceptions of these questions and more. If you are interested in privacy, and you should be, this is an insightful paper for your reading list.