Abstract

Conventional access control are suitable for regulating access to resources by known users.However,these models have often found to be inadequate for open and decentralized multi-centric systems where the user population is dynamic and the identity of all users are not known in advance.For such systems, credential based access control has been proposed. Credential based systems achieve access control by implementing a binary notion of trust.If a user is trusted by virtue of successful evaluation of its credentials it is allowed access, otherwise not. However,such credential based models have also been found to be lacking because of certain inherent drawbacks with the notion of credentials.In this work,we propose a trust based access control model called TrustBAC. It extends the conventional role based access control model with the notion of trust levels.Users are assigned to trust levels instead of roles based on a number of factors like user credentials,user behavior history,user recommendation etc. Trust levels are assigned to roles which are assigned to permissions as in role based access control.The TrustBAC model thus incorporates the advantages of both the role based access control model and credential based access control models.