nAuthorization mechanisms are needed
for secure information
access by a large community of users in an open environment
nrole assignment + RBAC
nUncertain evidence is considered
because:
nAn evidence issuer may not be 100%
sure about the evidence
she testifies
nIt may be difficult for her to
precisely determine the degree of her belief
nDynamic trust is needed
because:
nHolding evidence does not
necessarily certify a user’s good behavior
nIntegrating dynamic trust with role
assignment prevents a
notorious user from gaining more privilege