A Delegation Based Model for Distributed Trust

Abstract

In this paper we outline an infrastructure that facilitates security and trust management in a multi-agent system. Our model eases the problem of authorization in a network of heterogeneous agents and also contains mechanisms for delegation of authorization information. The framework allows agents to exchange trust information using a series of Interaction Protocols based on FIPA (Foundation for Intelligent Physical Agents) Interaction Protocols (FIPA 1998). It decentralizes security decisions, enabling more than one agent to be responsible for the validation of requests or for the delegation of permissions. It is very flexible and encourages mobility because the process of requesting services and granting access is divided into two independent steps. This allows an agent to disconnect after the first step and reconnect elsewhere to continue the process of securing the service. The model also uses a policy based approach, to specify rules for authorization and delegation, and a distributed knowledge base, that contains information about the interacting agents. We describe an implemented system that incorporates our framework using X.509 certificates and a Prolog knowledge base.