Felkner, A; Sacha,
Role-based Trust management (RT) languages are used for representing policies and credentials in decentralized, distributed access control systems. RT languages combine trust management and role-based access control features. A credential provides information about the keys, rights and qualifications from one or more trusted authorities. The paper presents a set-theoretic semantics of Role-based Trust management languages, which maps a role to a set of sets of entity names. The semantics applies not only to the basic language of the family RT 0, but also to a much more sophisticated RT T , which provides manifold roles and role-product operators to express threshold and separation-of-duty policies. A manifold role defines sets of entities whose cooperation satisfies the manifold role. It enables to express a such a condition, which need more than one member of a role to effectively fulfill the particular task.