Service Communautaire d'Information sur la Recherche et le Développement - CORDIS

Trust-based access control and RBAC integration

This result describes a simple generic policy language for reasoning about risk in applications, particularly suited to resource-constrained devices common in ubiquitous computing environments. The policy language is based on a decision-theoretic view of risk taken from economics that enables us to quantify the uncertainty of global computing environments as risk.

The ability to transform uncertain decision-making into risk-based decision-making within a trust-based access control policy is the primary innovation of this result. This result is of use to the trust management scientific community as a way of quantifying the uncertainty involved in interactions with little known or unknown principals. It is currently too early to estimate its commercial potential. As a result, no specific steps have been taken at this stage in order to protect any IPR emanating from it.

Reported by

University of Cambridge
The Old Schools Trinity Lane
CB2 1TS Cambridge
United Kingdom
See on map