%0 Journal Article %1 KhareRifkin98 %A Khare, Rohit %A Rifkin, Adam %D 1998 %J First Monday -- Peer-Reviewed Journal on the Internet %K imported %N 6 %T Trust Management on the World Wide Web %V 3 %X As once-proprietary mission-specific information systems migrate onto the Web, traditional security analysis cannot sufficiently protect each subsystem atomically. The Web encourages open, decentralized systems that span multiple administrative domains. Trust Management (TM) is an emerging framework for decentralizing security decisions that helps developers and others in asking ``why'' trust is granted rather than immediately focusing on ``how'' cryptography can enforce it. \\ In this paper, we recap the basic elements of Trust Management: principles, principals, and policies. We present pragmatic details of Web-based TM technology for identifying principals, labeling resources, and enforcing policies. We sketch how TM might be integrated into Web applications for document authoring and distribution, content filtering, and mobile code security. Finally, we measure today's Web protocols, servers, and clients against this model, culminating in a call for stakeholders' support in bringing automatable TM to the Web.

@article{KhareRifkin98, abstract = {As once-proprietary mission-specific information systems migrate onto the Web, traditional security analysis cannot sufficiently protect each subsystem atomically. The Web encourages open, decentralized systems that span multiple administrative domains. Trust Management (TM) is an emerging framework for decentralizing security decisions that helps developers and others in asking ``why'' trust is granted rather than immediately focusing on ``how'' cryptography can enforce it. \\ In this paper, we recap the basic elements of Trust Management: principles, principals, and policies. We present pragmatic details of Web-based TM technology for identifying principals, labeling resources, and enforcing policies. We sketch how TM might be integrated into Web applications for document authoring and distribution, content filtering, and mobile code security. Finally, we measure today's Web protocols, servers, and clients against this model, culminating in a call for stakeholders' support in bringing automatable TM to the Web.}, added-at = {2006-11-14T09:19:23.000+0100}, author = {Khare, Rohit and Rifkin, Adam}, biburl = {https://www.bibsonomy.org/bibtex/22e832e7575eee60b5a749b7fc6bf4b40/thorob67}, interhash = {93f8765fb40e9da6a3b5a6f664bd1faf}, intrahash = {2e832e7575eee60b5a749b7fc6bf4b40}, journal = {First Monday -- Peer-Reviewed Journal on the Internet}, keywords = {imported}, month = {June}, number = 6, timestamp = {2006-11-14T09:19:23.000+0100}, title = {Trust Management on the World Wide Web}, volume = 3, year = 1998 }