  • DocumentCode
    2070650
  • Title
    A trust model for capability delegation in federated policy systems
  • Author
    Feeney, Kevin ; Foley, Simon N. ; Brennan, Rob
  • Author_Institution
    Intell. Syst. Lab., Trinity Coll., Dublin, Ireland
  • fYear
    2011
  • fDate
    26-28 Sept. 2011
  • Firstpage
    1
  • Lastpage
    8
  • Abstract
    Federated policy systems are required to support the emergent complexity and organizational heterogeneity of modern Internet service delivery. This paper presents a distributed policy management approach which utilizes a flexible, tree-based capability authority model to partition and delegate federated capabilities or services. A trust management model and a delegation logic are defined which support secure decentralized policy reasoning, address performance overheads due to distributed rule evaluation and threats from malformed or malicious federated principals, and allow flexibility with respect to delegation chain reduction or capability authority re-partitioning. The system is evaluated through a security analysis, and a prototype implementation of a federated policy engineering framework based on this logic is described. This framework is based on public key certificates and an extension to the KeyNote Trust Management language. It provides practical management services such as key discovery and certificate revocation in addition to the core capability delegation function.
  • Keywords
    Internet; distributed processing; public key cryptography; Internet service delivery; capability authority re-partitioning; core capability delegation function; delegation chain reduction; delegation logic; distributed policy management; distributed rule evaluation; emergent complexity; federated policy engineering framework; federated policy systems; keynote trust management language; malicious federated principals; organizational heterogeneity; public key certificates; security analysis; tree-based capability authority model; trust management model; Authorization; Information services; Internet; Public key; Semantics; Web and internet services; Federated Management; Policy Based Management; Security; Service Management; Trust Management;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Risk and Security of Internet and Systems (CRiSIS), 2011 6th International Conference on
  • Conference_Location
    Timisoara
  • Print_ISBN
    978-1-4577-1890-8
  • Electronic_ISBN
    978-1-4577-1889-2
  • Type
    conf
  • DOI
    10.1109/CRiSIS.2011.6061828
  • Filename
    6061828