Automated trust establishment in open systems

  • Authors:
  • Marianne Winslett;Ting Yu

  • Venue:
  • Automated trust establishment in open systems
  • Year:
  • 2003

Abstract

Global competitive pressures and the possibility of severe security breaches are forcing organizations and individuals to develop the ability to rapidly form relationships and cooperate to solve urgent problems. Such cooperation often involves unanticipated resource sharing across organizational boundaries. As disparate groups attempt to collaborate to conduct sensitive processes and respond to problems, their efforts to provide an efficient response are hindered by traditional approaches to access control. Organizations and individuals require nimble security facilities that will enable them to rapidly and efficiently access each other's resources, while offering specific privacy guarantees. Automated trust negotiation (ATN) is a new approach to access control in open, flexible systems. ATN enables open computing by assigning an access control policy to each resource that is to be made accessible to “outsiders”. An access control policy describes the properties of the parties allowed to access that resource, in contrast to the traditional approach of listing their identities. A party's properties are demonstrated through the use of digital credentials, which often contain sensitive information about their owners. Thus their disclosure is also protected by access control policies. Since each negotiating party may have policies that the other needs to satisfy, trust is established gradually through bilateral disclosures of credentials. The successful deployment of ATN requires resolution of many challenging issues. This thesis focuses on two key problems of ATN: negotiation strategies and sensitive information protection. Different parties might have different requirements for how much computation they are willing to do, how freely they disclose resources, and other strategic decisions. For such decisions, each party relies on its negotiation strategies.
We identify necessary and sufficient conditions to guarantee interoperability between different strategies, and present a large set of mutually interoperable strategies, which provides users with maximal flexibility in choosing strategies, while still guaranteeing that a negotiation will succeed if at all possible. Without proper protection, an access control policy itself might reveal sensitive information unintentionally. To remedy this problem, we propose a unified scheme for resource protection in ATN. This scheme treats policies as first-class resources, which can themselves be protected by policies. This provides great flexibility in expressing fine-grained access control requirements for trust negotiation.