
Research On Security Of Hidden Credentials In Automated Trust Negotiation

Posted on: 2012-07-02
Degree: Master
Type: Thesis
Country: China
Candidate: H Yu
Full Text: PDF
GTID: 2218330341951258
Subject: Computer application technology
Abstract/Summary:
In distributed computing environments built around resource sharing, accessing resources often requires crossing multiple security domains. How to perform access control across domains and establish a trust relationship between entities that are strangers to each other has become a hot topic in current information security research. Traditional access control technologies, such as DAC and RBAC, all operate within a single security domain and are not suitable for multi-domain environments. The Automated Trust Negotiation (ATN) scheme has been proposed and solves this problem. It regulates how digital credentials and access control policies are disclosed, and provides a method for strangers from different security domains who wish to share resources or conduct business transactions to establish mutual trust by exchanging attribute credentials.

Current research on ATN focuses on negotiation models, policy languages, the protection of sensitive information during negotiation, and so on. For the protection of sensitive information in particular, scholars have put forward many kinds of negotiation protocols, and the hidden credentials system is a representative scheme. The hidden credentials encryption algorithm is built on bilinear pairings and offers high security and confidentiality. Information and resources in a negotiation are encrypted under the access control policy, and only a certificate that satisfies the policy can decrypt them. Certificates and policies are not transmitted over the network, which prevents the disclosure of sensitive information.

This research focuses on the hidden credentials system as applied to automated trust negotiation, and analyzes the advantages of hidden credentials and the attack threats they face across multiple security domains. The main contents are:

(1) The anti-attack capability of the hidden credentials system is analyzed, summarizing its advantages in protecting sensitive information, as well as its resistance to DoS attacks and its vulnerabilities to CA imitation attacks.

(2) To address the vulnerability of hidden credentials under DoS attacks, the main forms of DoS attack in automated trust negotiation are analyzed. Based on the existing hidden credentials system, an improved solution is proposed. It introduces a message authentication mechanism that uses hash functions to ensure the integrity of negotiation information and the authenticity of the sender's identity. Finally, the correctness of the scheme is proved and its security is analyzed.

(3) In the hidden credentials system the CA holds the private key and can therefore impersonate a user's certificate. To prevent this, two independent CAs are established at the CA setup stage, and they complete certificate issuance together. This scheme prevents a CA from imitating the user to take part in a negotiation. With the two CAs introduced and the master key split between them, even if either one of them is leaked, the attacker cannot obtain the complete master key, or at least the difficulty of the attack is increased. This greatly improves system security and makes up for the shortcomings of the identity-based encryption system.
Keywords/Search Tags: Automated Trust Negotiation, Hidden Credentials, DoS Attack, CA Imitate Attack