Research On Sensitive Information Protection And Negotiation Efficiency Improvement In Automated Trust Negotiation

Posted on: 2011-06-20
Degree: Doctor
Type: Dissertation
Country: China
Candidate: B L Liu
GTID: 1118360305492007
Subject: Computer system architecture

Abstract/Summary:
With the development of the Internet, interactions among businesses, the military and companies over the Internet are becoming more and more frequent. It is urgent to enable strangers from different security domains to cooperate with each other, for example by sharing resources and conducting business. However, traditional access control techniques, which are based on a single security domain and centralized management, are not adequate for this. How to establish mutual trust between entities that wish to communicate and do business in a decentralized computing environment is a challenge. Automated trust negotiation (ATN for short) was proposed to address this problem and is a promising approach to establishing trust in open systems such as the Internet. It enables strangers who may come from different security domains to establish mutual trust by iteratively requesting and disclosing digitally signed credentials.

With the development of wireless networks, numerous environments with limited computational and communication resources have emerged, such as pervasive computing, peer-to-peer computing and sensor networks. Based on an analysis of the research issues in ATN, in order to enable ATN to be used in all kinds of environments (including environments with limited resources), sensitive information protection in ATN should be strengthened and negotiation efficiency should be greatly improved, providing users with safe, reliable, convenient and efficient services in the open environment.

The policy database is designed to protect possession-sensitive information in ATN, but leakage of possession-sensitive information through probabilistic inference still exists. To address this problem, strictness between policies is defined from two aspects, syntax and semantics, and the strictness relationship is enforced in the original policy database system by adding a new component, the relevance checker. The improved policy database system, which is proved to be feasible, provides stronger protection than the original one.

In automated trust negotiation, a negotiation strategy, which is a key component, must be adopted to direct the search for a successful negotiation based on the access control policies. Based on a study of existing negotiation strategies, a novel negotiation strategy is proposed, the Deterministic Finite Automaton Negotiation Strategy (DFANS), which satisfies all the desirable properties of negotiation strategies. In the worst case, its communication complexity is O(n), where n is the total number of credentials requested, and its computational complexity is O(m) when no cyclic dependencies are involved, where m is the total size of both sides' policies looked up during the negotiation. When cyclic dependencies exist, a reasonable additional cost is added to the computational cost of DFANS to guarantee that the negotiation succeeds whenever possible.

There are potential conflicts among negotiation success, efficiency and privacy preservation in automated trust negotiation. In order to make a trade-off among these three aspects, policy languages are extended, an associated protocol is developed, and a useful model of P.E. evaluation is designed, all of which improve negotiation efficiency and success under some conditions without sensitive information leakage in automated trust negotiation.

Generally, a negotiation process should be organized as the following two phases, the disclosure sequence generation phase and the credential exchange phase, which are both computationally expensive. Therefore, three efficient trust negotiation frameworks are designed to speed up negotiations in these two phases whenever possible. The first trust negotiation framework supports disclosure sequence predictions by locally trusted peers, and makes use of declaration tickets and proving tickets to reduce the number of exchanged credentials and credential validations. The experimental results show that the proposed trust negotiation framework can greatly enhance negotiation efficiency. The second trust negotiation framework incorporates automated trust negotiation into e-services that may be accessed in environments with limited computational and communication resources, and is used to address trust issues in e-services. The third trust negotiation framework supports trustworthiness level evaluation by overlapping virtual organizations, and uses fine-grained adaptive policies to adjust policies based on the trustworthiness levels, which can not only simplify the negotiation process and reduce the number of exchanged credentials and credential validations whenever possible, but also avoid revealing unnecessary information during negotiations.
Keywords/Search Tags:Automated Trust Negotiation, Sensitive information protection, Negotiation efficiency, Access control policy, Policy language, Strategy, Framework