Trust management (information system)

In information system and information technology, trust management is a framework that evaluates and represents trust relationships to support automated decision-making. These representations allow systems to assess whether entities—users, devices, or services—can be trusted. . Trust management is commonly applied in information security, particularly in the enforcement of access control policies.

The concept of trust management has been introduced by Matt Blaze to aid the automated verification of actions against security policies. In this concept, actions are allowed if they demonstrate sufficient credentials, irrespective of their actual identity, separating symbolic representation of trust from the actual person.

Trust management can be best illustrated through the everyday experience of tickets. One can buy a ticket that entitles them e.g. to enter the stadium. The ticket acts as a symbol of trust, stating that the bearer of the ticket has paid for their seat and is entitled to enter. However, once bought, the ticket can be transferred to someone else, thus transferring such trust in a symbolic way. At the gate, only the ticket will be checked, not the identity of a bearer.

This article is issued from Wikipedia. The text is available under Creative Commons Attribution-Share Alike 4.0 unless otherwise noted. Additional terms may apply for the media files.