Decentralized Trust-Based Access Control for Dynamic Collaborative Environments

The goal of this research was to create a decentralized trust-based access control (TBAC) system for a dynamic collaborative environment (DCE). By building a privilege management infrastructure (PMI) based on trust, user access was determined using behavior grading without the need for pre-configured, centrally managed role hierarchies or permission sets. The PMI provided TBAC suitable for deployment in a rapidly assembled, highly fluid, collaborative environment.

DCEs were assembled and changed membership as required to achieve the goals of the group. A feature of these environments was that there was no way of knowing who would join the group, no way of refusing anyone entry into group, and no way of determining how long members would remain in the group. DCEs were formed quickly to enable participants to share information while, at the same time, allowing them to retain control over the resources that they brought with them to the coalition.

This research progressed the state of the art in the fields of access control and trust management. The Trust Management System developed through this research effectively implemented a decentralized access control scheme. Each resource owner independently evaluated the reputation and risk of network members to make access decisions. Because the PMI system used past behavior as an indication of future performance, no a priori user or resource configuration was required.