Abstract
This paper considers the use of local policy enforcement in communication networks. Compliance with the security policy is important, especially if the system is based on the concept of Public Key Certificate. Our approach discusses the design of a trust management scheme that integrates a model for the specification of entities and actions, a mechanism for identifying users, authorizations, and delegations, and a compliance engine. The model is based on the use of an axiomatic representation of security requirements. The compliance engine integrates a relational calculus that allows proof and verification. Three cases are addressed to validate the model: the anonymous payment system, clinical information system, and distributed firewall systems.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
