We address the problem of "trust management in information labeling."
The Platform for Internet Content Selection (PICS), proposed by
Resnick and Miller [RM], establishes a flexible way to label documents
according to various aspects of their contents, thus permitting a
large and diverse group of potential viewers to make (automated)
informed judgments about whether or not to view them. For some
viewers, the relevant aspects may be quantity or quality of material
in certain topical areas, and, for others, they may be the presence or
absence of potentially offensive language or images. Thus PICS users
need a language in which to specify their "PICS profiles," i.e., the
aspects according to which they want documents to be labeled, the
acceptable values of those labels, and the parties whom they trust to
do the labeling. Furthermore, PICS-compliant client software (e.g.,
a brower) needs a mechanism for checking whether a document meets the
requirements set forth in a viewer's profile. A trust management
solution for the PICS information-labeling system must provide both a
language for specifying profiles and a mechanism for checking whether
a document meets the requirements given in a profile.
This paper describes our design and implementation of a PICS profile
language and our experience integrating the "PolicyMaker" trust
management engine with a PICS-compliant browser to provide a checking
mechanism. PolicyMaker was originally designed to address trust
management problems in network services that process signed requests
for action and use public-key cryptography [BFL]. Because information
labeling is not inherently a cryptographically based service, and
thus is outside the original scope of the PolicyMaker framework, our
work on information labeling is evidence of PolicyMaker's power and
adaptability.
[BFL] M. Blaze, J. Feigenbaum, and J. Lacy, "Decentralized Trust
Management," IEEE Symposium on Security and Privacy, Oakland CA,
May 1996.
[RM] P. Resnick and J. Miller, "PICS: Internet Access Controls Without
Censorship," Communications of the ACM, October 1996.
Joint work with M. Blaze, P. Resnick, and M. Strauss