Clients in a distributedsystem place their con dencein many servers, and servers themselves rely on other servers for le storage, authentication, authorization, and payment. When a system spans administrative boundaries it becomes harder to assess the security and competence of potential service providers. This paper examines the issue of con dence in large distributed systems. When con dence is lacking in the real world," one relies on endorsements, licensing, insurance, and surety bonds to compensate. We show that by incorporating such assurances into a distributed system, users are better able to evaluate the risks incurred when using a particular server. This paper describes a method to electronically represent endorsements, licenses, and insurance policies, and discusses the means by which clients use such items when selecting service providers.
Gennady Medvinsky, Charlie Lai, B. Clifford Neuman