Research On Automated Trust Negotiation Framework And A Prototype Design

With the rapid development of internet and telecommunication technologies, service- centered systems for resources sharing and tasks coordination are more and more attractive. However, under this kind of open distributed systems environment, the completion of jobs requires the cooperation and coordination of subjects which belong to different security management domains. How to establish mutual trust between strangers in open distributed computing circumstances becomes a tough challenge. Automated Trust negotiation (ATN) is a new research branch of access control field, which enables strangers in different security management domains to establish mutual trust through disclosing digital credentials and access control policies iteratively. ATN systems become the security guarantees for access controlling across security management domains. Therefore, ATN has become a hot topic of computer security realm.Aiming at current ATN frameworks are highly computing and communicating consuming in the processes of credential disclosure sequence generation and credentials'validity verifying, a practical model of access control policy efficiency (P.E.) evaluation is proposed, which improve the efficiency and success rate remarkably without losing sensitive information protection in automated trust negotiation. Based on this model, a new ATN framework, which is appropriate for P2P environment, for accelerating trust establishment and its application extension framework used for e-services are designed. The ATN frameworks designed in this paper use locally trusted peers'(LTPs) and local peer's previous trust negotiation information, with solutions of sequence cache, molecule sequence cache, verifying ticket, declaration ticket, proving ticket and credential disclosure sequence predication, through reducing credentials'exchanging and validity verifying times during the process of credential disclosure sequence generation to improve the efficiency and success rate of automated trust negotiation. A large number of comparing experiments indicate that, as these frameworks are used, both the efficiency and success rate of automated trust negotiation are remarkably improved.