RTML: A Role-based Trust-management Markup Language
Author
Ninghui Li, John C. Mitchell, William H. Winsborough, Kent E. Seamons, Michael Halcrow, and Jared Jacobson
Tech report number
CERIAS TR 2004-03
Abstract
We present RTML version 1, a Role-based Trust-management Markup
Language, which is an XML-based data representation of the RT framework.
RTML extends the original design of RT, adding the following features:
new data types to encode permissions involving structured resources and
ranges, restrictive inheritance of roles for flexible refinement of
permissions, and notions of identity roles and identity-based roles to
address the issue of enforcing Separation of Duty policies when a
physical user holds multiple keys.
RTML enables the deployment of the RT framework. Compared with systems
like SPKI/SDSI and KeyNote, it has the following distinguishing
features. RTML is designed with a logic-based semantics foundation. RTML
directly addresses the issue of vocabulary agreement and uses strongly
typed credentials, helping to reduce potential errors in writing credentials
and unintended interactions among credentials. RTML supports more
flexible delegation, including the ability to delegate to principals
that have certain properties and to control the scope of a delegation.
RTML also supports Separation of Duty in a more expressive way.
Institution
Purdue University
Affiliation
Purdue University, Stanford University, George Mason University, Brigham Young University
Publication Date
1900-01-01