REFEREE - TRUST MANAGEMENT FOR WEB APPLICATIONS

Digital signatures provide a mechanism for guaranteeing integrity and authenticity of Web content but not more general notions of security o r trust. Web-aware applications must permit users to state clearly the ir own security policies and, of course, must provide the cryptographi c tools for manipulating digital signatures. This paper describes the REFEREE trust management system for Web applications; REFEREE provides both a general policy-evaluation mechanism for Web clients and server s and a language for specifying trust policies. REFEREE places all tru st decisions under explicit policy control; in the REFEREE model, ever y action, including evaluation of compliance with policy, happens unde r the control of some policy. That is, REFEREE is a system for writing policies about policies, as well as policies about cryptographic keys , PICS label bureaus, certification authorities, trust delegation, or anything else. In this paper, we flesh out the need for trust manageme nt in Web applications, explain the design philosophy of the REFEREE t rust management system, and describe a prototype implementation of REF EREE. (C) 1997 Published by Elsevier Science B.V.