TrustBuilder2 is a flexible framework for supporting research in the area of trust negotiation, designed to allow researchers to quickly prototype and experiment with various approaches to the trust negotiation process. In TrustBuilder2, the primary components of a trust negotiation system are represented using abstract interfaces. These components include:
Any or all of these component interfaces can be implemented or extended by users of the TrustBuilder2 system, thereby making the system's functionality easily extensible. The TrustBuilder2 configuration files can then be modified to load these custom components in place of the default system components; this facilitates the use of new features without modifications to the underlying runtime system. In our implementation, we provide support for one trust negotiation strategy, a policy compliance checker based on Jess (the Java Expert System Shell), query interfaces enabling access to disk-based credential and policy repositories, a credential chain construction algorithm, two credential chain verification routines, and both graphical and text-based logging facilities. TrustBuilder2 also supports the interposition of user-defined plug-ins at communication points between system components to allow for easy monitoring of system activity or the modification of messages passed between components.
TrustBuilder2 is also agnostic with respect to the formats of credentials and policies used during the negotiation. Support for a new policy language can be added to the system by implementing a derived class of AbstractPolicyBrick, the abstract policy type supported by TrustBuilder2, and providing a compliance checker capable of determining whether a policy specified in this language is satisfied by a given collection of credentials (which are processed at an abstracted level). Similarly, support for new credential types can be added by implementing a derived class of AbstractCredentialBrick, the abstract credential type used by TrustBuilder2, and providing mechanisms for these types of credentials to be loaded by external repositories. The current version of TrustBuilder2 supports the use of an uncertified "credential" type that is useful for testing purposes; support for other credential formats can be added by writing or downloading plug-ins for TrustBuilder2.
The flexibility of TrustBuilder2 not only enables users to rapidly implement support for new features, but also provides a framework within which the trade-offs between various system configurations can be quantitatively analyzed. TrustBuilder2 allows users to keep the majority of system components constant and change only minor portions of the framework between trust negotiations; for example, a user could test the same negotiation using two different policy compliance checkers. This enables comparisons to be made between specific system components without requiring modification to the runtime system itself. The TrustBuilder2 framework provides an environment for researchers to begin considering the issues surrounding the deployment of trust negotiation protocols in production environments.
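The two extension points described above (a new policy type with its own compliance checker, and swapping checkers while the rest of the negotiation stays fixed), sketched as an added example that is not TrustBuilder2's own code. Every type and method name is a hypothetical stand-in rather than the AbstractPolicyBrick or AbstractCredentialBrick API, the credentials are constructed samples, and Java 17 is assumed.

```java
import java.util.*;

public class ComplianceCheckerSketch {
    // Stand-in for a credential type: an attribute asserted by an issuer.
    record Credential(String issuer, String attribute) {}

    // Stand-in for a policy in a new language: at least k distinct
    // attributes from the set, each asserted by a trusted issuer.
    record ThresholdPolicy(int k, Set<String> attributes, Set<String> trustedIssuers) {}

    // Stand-in for the checker role: a satisfying set, or empty if unsatisfied.
    interface ComplianceChecker {
        Optional<List<Credential>> satisfy(ThresholdPolicy p, Collection<Credential> creds);
    }

    static boolean relevant(ThresholdPolicy p, Credential c) {
        return p.attributes().contains(c.attribute()) && p.trustedIssuers().contains(c.issuer());
    }

    // Checker A: stops once k distinct attributes are covered (least disclosure).
    static final ComplianceChecker MINIMAL = (p, creds) -> {
        Map<String, Credential> chosen = new LinkedHashMap<>();
        for (Credential c : creds) {
            if (chosen.size() >= p.k()) break;
            if (relevant(p, c)) chosen.putIfAbsent(c.attribute(), c);
        }
        return chosen.size() >= p.k() ? Optional.of(List.copyOf(chosen.values())) : Optional.empty();
    };

    // Checker B: returns every relevant credential (simpler, discloses more).
    static final ComplianceChecker EAGER = (p, creds) -> {
        List<Credential> all = creds.stream().filter(c -> relevant(p, c)).toList();
        long distinct = all.stream().map(Credential::attribute).distinct().count();
        return distinct >= p.k() ? Optional.of(all) : Optional.empty();
    };

    public static void main(String[] args) {
        // Constructed sample data: same policy and credentials for both checkers.
        ThresholdPolicy policy = new ThresholdPolicy(2,
            Set.of("student", "member", "employee"), Set.of("UnivCA", "StateCA"));
        List<Credential> wallet = List.of(
            new Credential("SelfSigned", "student"),  // untrusted issuer: must not count
            new Credential("UnivCA", "student"),
            new Credential("StateCA", "student"),     // same attribute: must not count twice
            new Credential("UnivCA", "member"),
            new Credential("StateCA", "employee"));
        Map<String, ComplianceChecker> checkers = Map.of("minimal", MINIMAL, "eager", EAGER);
        checkers.forEach((name, checker) -> System.out.println(name + ": "
            + checker.satisfy(policy, wallet).map(s -> s.size() + " disclosed " + s).orElse("not satisfied")));
    }
}
```

Both checkers accept the same inputs, but the eager one hands over more credentials than the policy requires, which is the kind of difference a like-for-like comparison between components is meant to expose.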
TrustBuilder2 version 0.1 is now available for download as a tarball and a zip archive.
All e-mail addresses are in the cs.uiuc.edu domain.
Principal Investigator: Professor Marianne Winslett (winslett)
Copyright (c) 2007 Sandia Corporation. Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation, the U.S. Government retains certain rights in this software.
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.