Research On Mechanisms Of Credential Disclosure In ATN

With the rapid development of P2P (peer to peer) network, the concept of Trust Negotiation was introduced for establishing a trust between the two unknown peers. The establishment of trust between two security domains requires exchange of numerous credentials. While exchanging the credentials between two unknown peers there is always fear of information misuse, as they disclose all the attribute/value pairs of the credential irrespective of their requirements. However with the existing trust negotiation system the negotiation time is longer due to exchange of numerous credentials and there are always chances of information leakage due to the inability of preserving credential privacy. Therefore fastening the speed of negotiating time and preserving the privacy of the credentials is prime concern of the research.The reduction of the negotiation time during automated trust negotiation (ATN) was on focus, and demonstrated through design and implementation. If the number of exchanged credentials during ATN is limited the trust negotiation rate is increased and it also minimizes the space requirements for storing the credentials, which are the main advantages of integrated credential. Integrated credential combines the contents of the other credentials into one. The uncertified credential was used for examining the concept on integrated credential in TrustBuilder2 framework.The next focus of this thesis is preserving privacy. The two approaches were used for preserving privacy. The first approach is associating policy within credentials. The policy is associated only within the sensitive credentials. If the policy is assigned with all credentials then it will lead to deadlock. The associated policy with the credential defines the requirements that need to be fulfilled to gain access of the credential. The second approach is redefining IOManipulationModule module of TrustBuilder2 framework. When IOManipulationModule module is enabled during ATN it discloses all the attribute/value pairs of a credential which may lead to information misuse. To nullify this effect, IOManipulationModule module of TrustBuilder2 framework is redefined. After redefining the module, it only discloses those attribute/value pairs which are required for satisfying the policy. The remaining attribute/value pairs are hidden which ensures the credential privacy.The proposed concept was verified in TrustBuilder2 framework, which is reconfigurable, open system framework designed in JAVA. The program of Client and Server and its required properties for the experiment are written in Java. The interfaces provided by the TrustBuilder2 framework were adopted by the Client and Server program. All credentials and policies are defined using Java Expert System Shell, a rule engine for the JAVA platform. The experiment result shows that it is efficient to use integrated credentials and the approaches given for preserving privacy is well enough for maintaining the privacy during ATN.