
Research On Automated Trust Negotiation In Virtual Organization

Posted on: 2009-11-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z S Liao
Full Text: PDF
GTID: 1118360275470923
Subject: Computer system architecture
Abstract/Summary:
With the rapid development of the Internet and the wide availability of computer hardware, people depend more and more on computer networks in daily life, for example for commercial transactions and resource sharing over the Internet. As a public tool and platform, the Internet does not itself provide sufficient mechanisms to protect data transferred across it. How to guarantee security when people perform operations or conduct transactions, especially when those transactions take place in open and distributed environments, is an active and unsolved problem in network security and poses a new challenge to researchers and scientists.

In distributed and open virtual organizations (VOs), conventional access control mechanisms do not work well for sharing resources across domains. Automated trust negotiation (ATN), a newer kind of access control mechanism, regulates how digital credentials and access control policies are disclosed, and gives strangers from different security domains who wish to share resources or conduct business a way to establish mutual trust through an exchange of attribute credentials. ATN uses access control policies to specify which credentials a user must submit to satisfy a requirement, and to protect sensitive policies and personal privacy.

At present, ATN in VOs is limited in its formal description: there are no complete and secure definitions of ATN's concepts and components, which greatly restricts the security level ATN can reach and hinders its application in commerce, finance and similar fields. To raise ATN's security level, a new ATN framework is presented, modelled on the descriptive approach of trust management (TM). In the framework, ATN's security parameter and its components, including authentication, authorization, delegation and the negotiation protocol, are expressed formally. A one-time mutual authentication method is proposed for the two parties to authenticate each other.
Since ATN's security parameter has a great impact on system development and deployment, the key issues in developing and deploying an ATN system are presented as a guideline, and the ATN framework is compared with the TM framework to show its advantages.

In a VO, access control policies play an important role in ATN. However, access control policies are often designed so complexly that the negotiation process itself becomes complicated, which greatly slows credential-policy matching and reduces negotiation efficiency. Worse, it may cause policy inconsistency. When policies are inconsistent, either the negotiation is doomed to fail or the policies cannot prevent unauthorized access. A tentative study of this problem is given: starting from the existing problems of policy consistency, a detailed analysis of why and how policy inconsistency arises is presented, access control policies are classified into three types, and three corresponding means are proposed to check policy consistency and eliminate inconsistency.

In a VO, how to protect personal privacy, sensitive policies and the sensitive content of a policy is always a key issue in ATN. Based on the existing problems of information protection, four different models are proposed to guarantee negotiation security, with full consideration of generality of purpose, feasibility, security and implementation cost. The asymmetric-cipher-based information protection mechanism builds on a common public key infrastructure and unifies hidden credentials and zero-knowledge techniques by setting security parameters. The e-mail-based information protection mechanism uses ordinary e-mail to transfer negotiation information, which places few requirements on either party. The logic-predicate-based information protection mechanism introduces the agent concept into ATN and uses intelligent agents to carry out the negotiation.
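The negotiation process and the "doomed to fail" kind of policy inconsistency described above, as a runnable added example. This is constructed for this page and is not the dissertation's framework, protocol or consistency-checking method: two parties disclose policies and credentials under a parsimonious strategy (a credential is released only when the counterpart asked for it and the holder's own disclosure policy is satisfied), and a dependency-graph check finds cyclic policies in which each side waits for the other to disclose first. Party, credential and policy names are hypothetical.

```python
"""Toy automated trust negotiation (ATN) between two parties of a VO.

Constructed example: every party, credential and policy below is made up.
Each party holds attribute credentials and a disclosure policy mapping each
of its items (a credential, or the requested resource) to the set of
counterpart credentials that must be received before the item is released.
A policy that cannot yet be met is sent to the counterpart in the clear,
which is exactly the sensitive-policy exposure that information-protection
mechanisms such as hidden credentials try to avoid.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Party:
    name: str
    held: frozenset   # credentials this party can present
    policy: dict      # item -> frozenset of required counterpart credentials


def negotiate(client, server, resource, max_rounds=50):
    """Parsimonious negotiation: a party discloses a credential only when the
    counterpart has asked for it and its own policy for it is satisfied, and
    asks only for what its policy still lacks. Returns (granted, transcript)."""
    peer = {client.name: server, server.name: client}
    received = {client.name: set(), server.name: set()}      # credentials received
    requested = {client.name: set(), server.name: {resource}}  # items asked of each
    transcript = []
    for _ in range(max_rounds):
        progressed = False
        for p in (client, server):
            q = peer[p.name]
            for item in sorted(requested[p.name]):
                missing = p.policy.get(item, frozenset()) - received[p.name]
                if missing:
                    # policy not yet satisfied: disclose it as a counter-request
                    new = missing - requested[q.name]
                    if new:
                        requested[q.name] |= new
                        transcript.append((p.name, "policy", item, tuple(sorted(missing))))
                        progressed = True
                elif p is server and item == resource:
                    transcript.append((p.name, "grant", item))
                    return True, transcript
                elif item in p.held and item not in received[q.name]:
                    received[q.name].add(item)
                    transcript.append((p.name, "credential", item))
                    progressed = True
                # else: credential not held, nothing to say; once neither side
                # can make progress the negotiation fails below
        if not progressed:
            return False, transcript
    return False, transcript


def find_policy_cycle(client, server, resource):
    """Consistency check: follow 'item needs counterpart credential' edges from
    the requested resource; a cycle means both sides wait on each other and
    the negotiation is doomed to fail. Returns the cycle as a node list, or None."""
    parties = {client.name: client, server.name: server}
    peer = {client.name: server.name, server.name: client.name}
    done = set()

    def visit(node, path):
        if node in path:
            return path[path.index(node):] + [node]
        if node in done:
            return None
        party, item = node
        for cred in sorted(parties[party].policy.get(item, ())):
            cycle = visit((peer[party], cred), path + [node])
            if cycle:
                return cycle
        done.add(node)
        return None

    return visit((server.name, resource), [])


RESOURCE = "dataset"


def sample_parties(deadlock=False):
    """Constructed VO scenario (hypothetical names). The member reveals its
    project role only to an accredited service; with deadlock=True the service
    in turn reveals its accreditation only after seeing the project role."""
    client = Party("member", frozenset({"vo_member", "project_role"}),
                   {"vo_member": frozenset(),
                    "project_role": frozenset({"vo_service_cert"})})
    server = Party("storage", frozenset({"vo_service_cert"}),
                   {RESOURCE: frozenset({"vo_member", "project_role"}),
                    "vo_service_cert": frozenset({"project_role"}) if deadlock else frozenset()})
    return client, server


if __name__ == "__main__":
    for deadlock in (False, True):
        c, s = sample_parties(deadlock)
        granted, transcript = negotiate(c, s, RESOURCE)
        print("deadlock policies:", deadlock, "-> granted:", granted)
        for step in transcript:
            print("  ", step)
        print("   policy cycle:", find_policy_cycle(c, s, RESOURCE))
```

The cycle check only finds the first failure the abstract names (negotiation that can never succeed); the second, a policy that fails to prevent unauthorized access, is a policy whose requirement set is weaker than intended (in this model, an empty frozenset releases the item to anyone) and needs a different check against the intended authorization rules.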
Furthermore, how to protect the whole negotiation from attack is an important open issue in ATN, including preventing exchanged data from being intercepted, tampered with or leaked, i.e. ensuring that the negotiation content cannot be obtained by anyone other than the two negotiators. Common attacks include denial of service, impersonation, interception and replay. Based on the features of ATN, the attacks ATN may encounter are enumerated and how ATN resists them is analysed. The rules ATN should obey and the directions in which ATN should develop are also specified on the basis of current ATN research.

ATN has had only a brief history of ten years since its birth. During that period it has developed greatly, but there is still a gap between its current state and practical use in real applications. As a next step, researchers and scientists should pay more attention to ATN's practical development and application, and demonstrate its value through commercial business and transactions.
Keywords/Search Tags: Virtual organization, Automated Trust Negotiation, Access control policy, Digital credential, Policy consistency, Information protection