Pymmetry - Python Trust Metrics

Posted 26 Mar 2001 at 15:48 UTC by lkcl Share This

Pymmetry has a Maximum Flow (Ford-Faulkersson) implementation at its heart, which is used to provide an easy means to evaluate Trust Metric Certifications, in python.

Trust Metric Evaluations, essentially, are Cascading (or, Hierarchical) Access Control Lists. Pymmetry provides an easy way to integrate Trust Metrics into any project.

Practical applications for Trust Metrics include Domain Name Registration protection, Web-site Forum / content access rights and privileges evaluation, and any other potentially hostile environment in which it is necessary to distinguish trusted from untrusted entities, taking into consideration the opinions of entities in the field.

[The full article is available as the README at sourceforge.net/projects/pymmetry. the project has only just been set up on sourceforge, so it will take 24hrs for the dns to be updated for pymmetry.sourceforge.net to work.]

The original code for Pymmetry (http://pymmetry.sourceforge.net) has gone via http://virgule.sourceforge.net from mod_virgule, by Raph Levien <raph@acm.org>. Raph studied Trust Metrics, and wrote mod_virgule - a community site forum engine - as a social experiment which has proved highly successful and effective at its job. Namely, it promotes and protects a site's purpose from unsolicited interference by empowering the users, in a hostile environment [e.g. the internet], to select those people that they trust within their community to remain honour-bound to the charter of the site they are using, or risk the wrath of their peers - ultimately expressed by the revokation of the Certifications their peers gave them, with the inherent loss of access rights such revokation implies.

Raph's original Network flow simulation code was written in Java. For mod_virgule's purposes, he rewrote it in c. Pymmetry is a python implementation, which is considerably more flexible, cleaner and easier to understand than c.

The original purpose of Raph's Trust Metric code was to fulfil a similar aim to that of Keynote. Namely, that in a large hostile environment, you have to know who to trust (and the example in his paper was the issue of Domain Name registration). When you have a chain (or web) of trust, you have to be able to evaluate that chain, and be as certain as possible that the web has not been compromised, in order to make decisions.

Keynote focusses, effectively, on "a means to securely evaluate Digitally-signed Logical Expressions". Whilst Raph's work is known, because of http://advogato.org, for focussing on the web of trust and its evaluation, Raph's original paper does cover "Logical Expressions" as well, of which - it turns out - Keynote is a superset implementation.

There has been much discussion recently about Trust Metrics - most notably on http://advogato.org, the original Open Source Advocacy site, set up by Raph. It is hoped that Pymmetry will add fuel to the flames :)

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

X
Share this page