Method and system for regulating trust relation using nomenclature space and policy

• Main Authors: A. NADALIN, E. WESLY, M. HONDO
• Format: Patent
• Language: Chinese; English
• Published: 21.07.2004
• Edition: 7
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

提出了一种用于为跨越信任域边界的全异的信任模型提供接口和管理域间和域内信任关系使得它们不依靠于单一信任管理器实体的分布式信任基础结构。用使名称空间与信任启示器相关联的信任链路来代表在信任域之间的信任关系，所述信任启示器在已知的信任域中负责可信地解决与所关联的名称空间相对应的信任相关操作的服务。由信任域内所支持的信任链路参考代理程序来使用已知信任域的信任链路。为在信任链路参考代理程序的信任域内的信任相关的操作而咨询该信任链路参考代理程序；在识别出用于处理信任相关操作的适当的信任启示器之后，向用于解决方案的信任启示器转发信任相关的操作。此外，信任链路与指导信任链路管理的策略相关联。 A distributed trust infrastructure is presented that interfaces disparate trust models across trust domain boundaries and manages inter-domain and intra-domain trust relationships such that they are not reliant upon a single trust manager entity. A trust relationship between trust domains is represented by a trust link, which associates a namespace with a trust oracle, which is a service in a trust domain given responsibility to authoritatively resolve trust-related operations relative to the associated namespace. Trust links for a given trust domain are used by a trust link reference agent that is supported within the trust domain. The trust link reference agent is consulted for trust-related operations within its trust domain; after identifying the appropriate trust oracle for handling the trust-related operation, the trust-related operation is forwarded to the trust oracle for resolution. In addition, the trust links are associated with policies that guide the management of the trust links.