Negotiation and management of coalition resources

In collaborative environments ranging from commercial research and development to military joint task forces, autonomous domains form coalitions to share resources. Coalitions are peer-to-peer networks where resource sharing is achieved by the distribution of permissions for coalition resources to coalition members based on resource-sharing agreements or common access states, which are negotiated between the member domains. An important characteristic of coalitions is that they are dynamic in that member domains may leave or new domains may join during the life of the coalition. This dissertation addresses the negotiation and management of resources in dynamic coalitions. We define the problems of (1)  joint administration of access policies for jointly owned coalition resources, (2) dependency enforcement between identity and attribute certificates in coalitions, and (3) negotiation of common access states for dynamic coalitions, and provide solutions for these problems.; We show that joint administration of access policies requires that the member domains set up a coalition authority that distributes attribute certificates yet retain control over the issuance of such certificates. Also, we show that shared public keys enable joint administration of access policies in a way that minimizes trust liability when compared to solutions using conventional public keys. We develop an authorization protocol to reason about the joint administration of access policies. We show that if dependencies between identity and attribute certificates in coalition networks are not enforced, registered users may be able to retain unauthorized privileges. We present a selective revocation method to enforce the certificate dependencies.; We show that negotiating a common access state means obtaining the agreement of each domain to share privately owned resources and to jointly own and administer resources with the other domains of the coalition while satisfying both the negotiation constraints placed by the domains and the local access constraints of each domain. We also show that in the presence of coalition dynamics, member domains must re-negotiate the common access state multiple times. We develop a state transition model of the negotiation process and a negotiation language for the specification of a wide variety of negotiation constraints.