Managing Trust in an Information-Labeling System

To appear in European Transactions on Telecommunications (special issue of selected papers from the 1996 Amalfi Conference on Secure Communications in Networks).
  • Postscript

    Abstract

    We address the problem of trust management in information labeling. The Platform for Internet Content Selection (PICS), proposed by Resnick and Miller, establishes a flexible way to label documents according to various aspects of their contents, thus permitting a large and diverse group of potential viewers to make (automated) informed judgments about whether or not to view them. For some viewers, the relevant aspects may be quantity or quality of material in certain topical areas, and, for others, they may be the presence or absence of potentially offensive language or images. Thus PICS users need a language in which to specify their PICS profiles, i.e., the aspects according to which they want documents to be labeled, the acceptable values of those labels, and the parties whom they trust to do the labeling. Furthermore, PICS-compliant client software (e.g., a web browser) needs a mechanism for checking whether a document meets the requirements set forth in a viewer's profile. A trust management solution for the PICS information-labeling system must provide both a language for specifying profiles and a mechanism for checking whether a document meets the requirements given in a profile. This paper describes our design and implementation of a PICS profile language and our experience integrating the PolicyMaker trust management engine with a PICS-compliant browser to provide a checking mechanism. PolicyMaker was originally designed to address trust management problems in network services that process signed requests for action and use public-key cryptography [BFL]. Because information labeling is not inherently a cryptographically based service, and thus is outside the original scope of the PolicyMaker framework, our work on information labeling is evidence of PolicyMaker's power and adaptability.