Formalization of dynamic trust and uncertain evidence for user authorization

Yuhui Zhong, Purdue University


This dissertation investigates the problem of developing models and mechanisms for user authorization based on uncertain evidence and dynamic trust. The research directions are modeling dynamic trust, modeling uncertain evidence, and integrating them with role assignment for user authorization. A computational trust model rooted in findings from social science is developed. Trusting belief, disposition to trust, and context are represented. Trusting belief in competence is distinguished from that in integrity. Trusting beliefs can be built based on direct experience, reputation, most common belief, and a priori belief. The building process is affected by a truster's disposition to trust. This research concentrates on developing (1) competence reputation aggregation methods that eliminate the impact of subjectivity and (2) the integrity belief formation method that captures the behavior trend. An evidence statement is designed to enable issuers or parties relying on evidence to express uncertain belief about the evidence. An opinion structure is used to measure the uncertainty. An evidence rewriting rule is developed based on the discounting operator proposed by Shafer. It is used to translate an issuer's uncertain belief to the belief of the evidence relying party. Three inference methods are devised to address the opinion inference problem raised in user authorization. A role assignment policy definition language is developed. It allows a policy maker to express the evidence and dynamic trust requirements for assigning a role. An evaluation semantic is defined to make role-assignment decisions based on the provided evidence set and policies. A role assignment algorithm is developed based on it. An authorization framework called TERA is developed. It integrates uncertain evidence, dynamic trust, and role assignment, and cooperates with RBAC-enhanced application servers for authorization in open environments. A prototype has been implemented.




Bhargava, Purdue University.

Subject Area

Computer science

Off-Campus Purdue Users:
To access this dissertation, please log in to our
proxy server