MANAGING TRUST IN AN INFORMATION-LABELING SYSTEM

Many network services need to make ''trust management'' decisions; in particular, processing users' requests for action often requires using labels and credentials that may not be authentic or trustworthy. In t his paper, we address the problem of trust management in formation lab eling. The Platform for Internet Content Selection (PICS), proposed by Resnick and Miller [13], establishes a flexible way to label document s according to various aspects of their contents, thus permitting a la rge and diverse group of potential viewers to make (automated) informe d judgments about whether or not to view them. For some viewers, the r elevant aspects may be quantity or quality of material in certain topi cal areas, and, for others, they may be the presence or absence of pot entially offensive language or images. Thus PICS users need a language in which to specify their PICS profiles, i.e., the aspects according to which they want documents to be labeled, the acceptable values of t hose labels, and the parties whom they trust to do the labeling. Furth ermore, PICS-compliant client software (e.g., a web browser) needs a m echanism for checking whether a document meets the requirements set fo rth in a viewer's profile. A trust management solution for the PICS in formation-labeling system must provide both a language for specifying profiles and a mechanism for checking whether a document meets the req uirements given in a profile. This paper describes our design and impl ementation of a PICS profile language and our experience integrating t he PolicyMaker trust management engine with a PICS-compliant browser t o provide a checking mechanism. PolicyMaker was originally designed to address trust management problems in network services that process si gned requests for action and use public-key cryptography [2]. Because information labeling is not inherently a cryptographically based servi ce and thus is outside the original scope of the PolicyMaker framework , our work on information labeling is evidence of PolicyMaker's power and adaptability.