ACM SIGAda Ada Letters
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
Distributed credential chain discovery in trust management
Journal of Computer Security
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
Automated trust establishment in open systems
Automated trust establishment in open systems
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
From gridmap-file to VOMS: managing authorization in a Grid environment
Future Generation Computer Systems - Special issue: High-speed networks and services for data-intensive grids: The DataTAG project
The MyProxy online credential repository: Research Articles
Software—Practice & Experience - Grid Security
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
ROST: Remote and hot service deployment with trustworthiness in CROWN Grid
Future Generation Computer Systems
Adaptive Trust Negotiation and Access Control for Grids
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
A Framework for Dependable Trust Negotiation in Open Environments
EASE '08 Proceedings of the Fifth IEEE Workshop on Engineering of Autonomic and Autonomous Systems
Early experience of remote and hot service deployment with trustworthiness in CROWN grid
APPT'05 Proceedings of the 6th international conference on Advanced Parallel Processing Technologies
| Hi-index | 0.00 |
In order to build trust relationship between service requesters and service providers in an open grid computing environment, we design a novel negotiation-based trust establishment service, which supports distributed credential chain construction and privacy preservation to enhance the grid security infrastructure. In this service, we develop a novel credential chain aware negotiation strategy for trust establishment on the fly by gradually disclosing credentials according to various access control policies. This strategy can protect sensitive credentials, partial credential chains and sensitive information in an access control policies based on two concepts: soft protection and hard protection. What's more, a credential federation mechanism is designed for this service when the negotiators use heterogeneous security infrastructures, for example, Kerberos and PKI. Our approach has been successfully implemented as useful components and fundamental security services in the CROWN grid, and techniques such as trust tickets and policy caching that can greatly increase service efficiency are used. Comprehensive experiments have been conducted, which demonstrate our approach is feasible.