Qare Internals
                    SQL Tables
                    Schema
                    Plugins
                    API
 Site Map
 
Delegation Trust Model
 
 Qare
        User's Guide
        Delegation Trust Model
        Architechture
        Applications
        Qare Internals
 

DELEGATION TRUST MODEL

Delegation Trust Model is the heart of QARE.
In a distributed system the interaction between a pair of systems(P2P) is based on building a network of trust. This is very simple as, I trust you because other people whom I trust also trust you, and because of my experience in working with you. The trust network may be upto any level. If any one within the network found to breach the trust he will be kicked out from the network instantly by his grantor who has given him the permission
The trust model provides a means of licencing 3rd parties to access to local services and resources. It is built on the local permissions table (one per system) and the delegation table (one per user) stored in the database. However, the local permission table is treated as the master table, with other table synchronized to that table.
Changes are made by users by changing their delegation table, which results in a request to change one or more local permission tables. Once a local permission table is updated, change notifications are then sent (asynchronously) to all affected users.
Local Permissions Table and Local resources are controlled locally. No on-line mechanism needed to rescind privileges as the system itself is the authority.
To get details of these tables see the local privileges table and user delegation table
When a user has SUPERUSER privilege on a particular system, then the user's delegation table includes that system's entire local permissions table. And if there are other users with SUPERUSER privilege, their permissions are shown in the delegation table with a distance of 1.
Decentralized trust system gives each web service full and immediate control over user access. The system gives the subscriber means to request access to third party.
The delegation trust model simplifies access to remote services by providing the user with the capabilities available with the web services. These capabilities are simply access privileges delegated by the subscribers and granted by web service.