The Studying Of Negotiation Strategy In Automated Trust Negotiation

Posted on: 2009-10-02
Degree: Master
Type: Thesis
Country: China
Candidate: H Yao
Full Text: PDF
GTID: 2178360278480824
Subject: Computer application technology

Abstract/Summary:
Automated Trust Negotiation (ATN) provides a new approach to establishing trust between strangers in different security domains on the network through the iterative disclosure of credentials and access control policies. Building on a summary of existing results in ATN research, this thesis studies negotiation strategy in depth, with regard to preserving the privacy and autonomy of entities and to the security and efficiency requirements of trust establishment. The major contributions are:

Based on a summary of the necessary concepts and symbols, a universal formal description framework is introduced to describe the problems of ATN canonically. Satisfaction, unlock, safe disclosure sequence, shortest disclosure sequence, safety of a negotiation strategy and completeness of a negotiation strategy are defined in the framework, and the abstract model of ATN and successful negotiation are described formally.

Incorporating results from the trust management domain, a two-stage negotiation strategy based on trust evaluation is proposed, an ATN model based on trust evaluation is designed, and an upload/download scheme for negotiation strategies is presented. The two-stage negotiation strategy divides the negotiation process into pre-negotiation and official negotiation. In the former stage, all control information, including the ability to offer the service, is negotiated to improve efficiency. In the latter stage, the upload/download scheme for the same negotiation strategy and negotiation protocol is applied to achieve interoperation.

Disclosure cost is introduced to address the problem that all credentials are treated as having the same sensitivity and the same format. Taking disclosure cost into account, a negotiation strategy based on a weighted tree (NPTree_W) and its corresponding protocol are designed following the idea of local optimization. The entity always chooses the credential with the lowest weight to request for disclosure, until the negotiation ends in success or failure. Although the negotiation process is formalized as a depth-first traversal of the tree, a branch selection rule and a backtracking rule are defined to reduce the complexity of the route search and improve efficiency. The safety and completeness of the NPTree_W strategy are proved formally, and its computational complexity and communication complexity are analyzed formally.

Taking disclosure cost into account, a negotiation strategy based on dynamic programming and its corresponding protocol are designed to address the lack of global optimization among ATN strategies. The strategy is modeled on an AND/OR graph following the idea of global optimization to obtain the minimal-cost disclosure sequence, and it formalizes the negotiation process in two phases: (1) forming the minimal-cost solution tree from the negotiation graph, and (2) forming the credential disclosure sequence from the minimal-cost solution tree. The two phases separate the unlocking of a credential from its disclosure to achieve security and efficiency. The safety and completeness of the strategy are proved formally, and its computational complexity and communication complexity are analyzed formally.
Keywords/Search Tags:Automated Trust Negotiation, Credential, Negotiation Strategy, Access Control Policy, Formalization, Trust Evaluation, Dynamic Programming
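
The two phases named in the abstract (minimal-cost solution tree, then disclosure sequence) can be illustrated with a generic AND/OR-graph dynamic program. This is an added example, not the thesis's algorithm or protocol: the credential names, costs, policies, the additive cost model and the acyclic-policy requirement are all assumptions made for illustration.

```python
import math

# Constructed sample. "C." = client credential, "S." = server resource.
COST = {"S.service": 0, "S.audit_log": 4, "S.bbb_member": 1, "S.bank_cert": 8,
        "C.student_id": 2, "C.credit_card": 5, "C.passport": 6}
# POLICY[x] is an OR over alternatives; each alternative is an AND over
# credentials the other party must disclose first.
# [[]] = freely disclosable, [] = never disclosable.
POLICY = {
    "S.service": [["C.student_id"], ["C.credit_card"]],
    "S.audit_log": [["C.passport"]],
    "S.bbb_member": [[]],
    "S.bank_cert": [[]],
    "C.student_id": [["S.bank_cert"]],
    "C.credit_card": [["S.bbb_member"]],
    "C.passport": [],
}

def min_cost_tree(target, cost=COST, policy=POLICY):
    """Phase 1: pick, per node, the cheapest alternative (memoized DP)."""
    best = {}  # node -> (subtree cost, chosen alternative or None)
    def visit(node, path):
        if node in path:
            raise ValueError("cyclic policy dependency at " + node)
        if node not in best:
            choice = (math.inf, None)
            for alt in policy[node]:
                # Assumption: tree cost, a shared credential counts per use.
                total = cost[node] + sum(visit(c, path | {node}) for c in alt)
                if total < choice[0]:
                    choice = (total, alt)
            best[node] = choice
        return best[node][0]
    visit(target, frozenset())
    return best

def disclosure_sequence(target, best):
    """Phase 2: post-order walk, so nothing is sent before it is unlocked."""
    if best[target][1] is None:
        return None  # no finite-cost solution tree: negotiation fails
    seq = []
    def emit(node):
        for child in best[node][1]:
            emit(child)
        if node not in seq:
            seq.append(node)
    emit(target)
    return seq
```

In the sample, the cheapest first request (`C.student_id`, cost 2) leads to a total of 10, while the globally cheapest tree goes through `C.credit_card` for a total of 6.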