Building Automated Trust Negotiation architecture in virtual computing environment

Authors:
Deqing Zou;Shangxin Du;Weide Zheng;Hai Jin
Affiliations:
Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Venue:
The Journal of Supercomputing
Year:
2011

Citing 8
Cited 2

Negotiating Trust on the Web

IEEE Internet Computing
Towards Practical Automated Trust Negotiation

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Trust Negotiations: Concepts, Systems, and Languages

Computing in Science and Engineering
Agent-based Automated Trust Negotiation for Pervasive Computing

ICESS '05 Proceedings of the Second International Conference on Embedded Software and Systems
Xen and the art of repeated research

ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Centralized security policy support for virtual machine

LISA '06 Proceedings of the 20th conference on Large Installation System Administration
A New Approach for Hiding Policy and Checking Policy Consistency

ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)

Enhancing privacy in cloud computing via policy-based obfuscation

The Journal of Supercomputing
Resource virtualization methodology for on-demand allocation in cloud computing systems

Service Oriented Computing and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Automated Trust Negotiation (ATN) is an important method to establish trust relationship between two strangers by exchanging their access control policies and credentials. Unfortunately, ATN is not widely adopted because of the complexity and multiformity of negotiation policies, especially in virtual computing environment, where the situation becomes worse than in traditional computing environment, due to the fact that a host with multiple virtual machines needs to be deployed with multiple negotiation policies. Moreover, all of these policies for each virtual machine must be upgraded and checked. To ease the burden on the administrator when deploying ATN access control policies and credentials in virtual computing environment, we propose an automated trusted negotiation architecture called virtual automated trust negotiation (VATN) to centralize ATN policies and credentials for multiple virtual machines in a physical node into a privileged virtual machine. VATN puts policy compliance checker and credential verification control in each virtual machine to improve the execution efficiency of trust negotiation. We implement VATN in Xen virtualization platform. Finally, we discuss the correctness of policy consistency checking and make performance analysis of VATN implemented in Xen.