Yan He,Miaoliang Zhu,Chunying Zheng

DOI: https://doi.org/10.1109/CSSE.2008.867

2008-01-01

Abstract:Traditional security model, where the identity of all possible requesting subjects must be pre-registered in advance, is not suitable for the distributed applications with strong real-time requirements. A promising approach is represented by automated trust negotiation, which establishes trust between strangers through the exchange of digital credentials and the use of access control policies. As the credentials contain sensitive information, entities disclose credentials circumspectly. Given multiple credential exchange sequences achieving the same result, it is desirable to pick the sequence that discloses a set of minimum sensitive credentials. In this paper, we model the policies participating trust negotiation as a Negotiation Petri Net and propose a trust negotiation MSC strategy, which works by the characteristics of Negotiation Petri Net architecture, the behaviors of auto trust negotiation and the greedy algorithm. We prove that the MSC strategy is complete, efficient and mini-sensitivity cost. It also makes sure that no irrelevant credentials will be disclosed during negotiations.

Yan He,Miaoliang Zhu

DOI: https://doi.org/10.4108/infoscale.2007.888

2007-01-01

Abstract:Traditional security model, where the identity of all possible requesting subjects must be pre-registered in advance, is not suitable for the distributed applications with strong real-time requirements, especially recently popular P2P networks and Grid computing. A promising approach is represented by automated trust negotiation, which establishes trust between strangers through the exchange of digital credentials and the use of access control policies. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may fail when in fact success is possible, disclose irrelevant credentials, or have high communication or computational complexity. In this paper, we model the policies participating trust negotiation as Negotiation Petri Net and propose a trust negotiation Strategy based on Negotiation Petri Net (SNPN) by combining the characteristics of Negotiation Petri Net architecture with the behaviors of auto trust negotiation. We prove that SNPN is efficient with O(n) communication complexity and O(nm) computational complexity including Negotiation Petri Net building process and the negotiation process in the worst case, where n is the number of credentials and m is the size of the credential disclosure policies. Meanwhile SNPN is complete and makes sure that no irrelevant credentials will be disclosed during negotiations.

Xinxin Liu,Shaohua Tang,Kai Wei

DOI: https://doi.org/10.1109/ICMLC.2010.5580592

2010-01-01

Abstract:Automated trust negotiation (ATN) is an approach to establishing mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing digitally signed credentials. We present the formalization of automated trust negotiation system in the applied pi calculus and analyze its security property automatically with the assistant of an automatic protocol analyzer, ProVerif.

P Xu,J Gao,H Guo

DOI: https://doi.org/10.1109/icmlc.2005.1526940

2005-01-01

Abstract:In application of agent mediated electronic commerce, there exist many situations where agents have to tolerate insecurity and negotiate with deceit-possible agents. This paper presents DTAN model, a novel negotiation model that agents can use to negotiate in a deceit-tolerant manner to get maximal profit even in an unsecured negotiation process. Unlike current approaches to deception in e-commerce, the DTAN model does not mainly focus on ensuring the trustworthiness of partners before negotiation or terminating negotiation on detecting deception, but how to carry on automated negotiations with suspicious agents, take the risk of unpredictable deceits under control, and attain to good performance in an uncertain environment. Time and belief factors are considered in the model. Due to its deceit-tolerant property, DTAN model is robust and more applicable in open e-commerce systems. Moreover, an applied DTAN model is also presented in this paper.

Jun Li,Xiaolin Zheng,Yafeng Wu,Deren Chen

DOI: https://doi.org/10.1109/icebe.2010.27

2010-01-01

Abstract:In C2C e-commerce environment it is possible and indeed quite common to deal with unknown sellers, whose reliability are unknown. Reputation system is a popular technique currently used for providing a global quality score of sellers to consumers. However, such global information is far enough for clients to choose the most qualified products. In the real word, we always ask our trusted friends for some recommended information or trust the information recommended by the clients who have similar preference in recommender systems. Aiming at providing some more useful trust information to consumers, we propose a computational trust model based on the social network which is constructed by the similarity of users in the C2C e-commerce environment, and use a local trust metric for propagating trust in the constructed network. Experiments show that our model can produce a personalized recommended trust value for a specific user, which is more accuracy than a global value in some cases.

WANG Ji-lin,CHEN Xiao-feng,CHEN De-ren

DOI: https://doi.org/10.3785/j.issn.1008-973x.2006.04.010

2006-01-01

Abstract:Exchange of digitally signed certificates was often used to establish mutual trust between strangers that wish to share resources or to conduct business transactions.Automated trust negotiation(ATN) was an approach to regulate the flow of sensitive information during such an exchange.But ATN cannot handle cyclic policy interdependency satisfactorily.Oblivious signature-based envelope(OSBE) is a scheme to solve this problem.However,the existed scheme could only be implemented on a secure channel.An efficient OSBE scheme without the secure channel is proposed using the ideas of identity-based systems and certificate-based encryption,which satisfies all the properties required by OSBE such as soundness and oblivious et al.Also,the scheme can achieve the desired security notations in the random oracle model.

Shangyuan Guan,Xiaoshe Dong,Yiduo Mei,Zhao Wang,Zhengdong Zhu

DOI: https://doi.org/10.1109/HPCC.2008.117

2008-01-01

Abstract:It has been a fundamental but challenging problem to gain assurance of the trustworthiness of service providers or requesters and ensure their interests. We present the formal definition of trust management, and then propose a trust management, CASTTE, to secure sensitive services and requesters in grids. CASTTE verifies access trust by using trust negotiation so as to protect sensitive services, and protects sensitive information of the two negotiators effectively by using a negotiation strategy based on protection tree. Furthermore, we utilize trust force to specify provision trust and apply trust force to service selection. This paper implements CASTTE and designs experiments to evaluate its performance. The experimental results show that it can not only protect sensitive services at the cost of little performance of systems, but also identify good services from bad ones effectively.

GUAN Shangyuan,WU Weiguo,DONG Xiaoshe,MEI Yiduo

DOI: https://doi.org/10.3321/j.issn:0253-987X.2009.08.001

2009-01-01

Abstract:The existing automated trust negotiation systems suffer from the following drawbacks: the policy languages are coarse-grained,the negotiation strategy cannot generate all trust sequences,and the mechanism to evaluate and select trust sequences is absent.To address the above problems,an attribute-constraint-oriented automated trust negotiation(ACATN) model is proposed.The policy language is refined by using attribute constraint,which can not only effectively protect sensitive services and certificates,but also enhance its flexibility.The global access control policy is used to terminate impossible negotiation in advance so that the negotiation efficiency can be improved.The process of generating trust sequence is described by trust sequence searches tree.Based on the tree,the breadth-first and depth-first searches generate not only a trust sequence quickly,but also all trust sequences.Trust sequences are evaluated via disclosure cost and communication overhead so that the optimal one can be selected.ACATN is illustrated using a typical example.

Shangyuan Guan,Yiduo Mei,Xiaoshe Dong,Zhao Wang,Zhengdong Zhu

DOI: https://doi.org/10.1007/978-3-540-92719-8_42

2007-01-01

Abstract:Automated Trust Negotiation (ATN) is a promising approach to allowing strangers to access sensitive services in open environments. Although many ATN systems are proposed, some issues still remain to be addressed: 1) they are centralized and cannot scale well; and 2) their policy languages are coarse-grained. To address the above problems and secure grids, we present a novel automated trust negotiation framework, FORT, to establish trust relationship between service providers and service requesters. FORT is decentralized, so it scales well. Furthermore, we utilize attribute constraints to refine its language. This paper implements FORT and designs experiments to evaluate its performance. Experimental results show that FORT can effectively protect sensitive services at the cost of little performance of systems and scale well.

Wei-jun SHAO,Jun-yuan XIE,Lun JIN

DOI: https://doi.org/10.3969/j.issn.1001-3695.2007.12.063

2007-01-01

Abstract:This paper introduced the notion of automated trust negotiation based on security level and how to use it to protect the system from the attacks leading to denial of service or leakage of sensitive information.

Shangyuan Guan,Xiaoshe Dong

2007-01-01

Abstract:Trust isanimportant aspect ofdecision makingfor gridapplications. Ithasbeenafundamental butchallenging problemtogainassurance ofthetrustworthiness ofservice providers orrequesters. Thispaperproposes a noveltrust negotiation framework, ENVOY,toestablish trust relationship betweenservice providers andrequesters ingrids. ENVOY supportsvariouskindsof delegation by leveraging attribute-based credentials and defines delegation range expediently byusingattribute constraint, andwe develop a negotiation strategy basedon protection treetosupport ENVOY,whichprovides thesupport forprotection ofsensitive information ofthetwonegotiation parties. Moreover, ENVOY employs multithreaded technology andtrust ticket tospeedup negotiation. Thispaperdescribes theimplementation of ENVOY anddesigns experiments toevaluate itsperformance, andtheexperimental results showthatitisapplicable. I.INTRODUCTION GRIDemphasizes large scale resource sharing across Jadministrative domains orsecurity domains inaflexible, secure, andcoordinated fashion (1). Asgrid transfers froma purely scientific community toaheterogeneous, commercial, opencommunity, itenters an environment ofmutual suspicion (2). Malicious users maydamage grids bystealing sensitive information. Therefore, themostsignificant challenge forgrid computing istodevelop acomprehensive setofmechanisms andpolicies forsecuring grids, oneof whichistheenforcement ofaccess control. Accesscontrol ingrids istypically provided by a combination ofidentity certificates andlocal accounts (3). Unfortunately, traditional access control methods based on theidentity ofusersisineffective andcannot scale well because thenumberofusers andservices islarge andtheir population isdynamic. Furthermore, service provider and usermaybefromdifferent security domains whichmight maintain different security policies, possibly without prior knowledge ofeachother. Therefore, ithasbeena fundamental butchallenging problem togain assurance ofthe trustworthiness oftheservice provider orusers. A promising approach toaccess control, Automated Trust Negotiation (ATN)(4), iswell-suited forgrids because it allows thetwonegotiation parties establish trust bygradually andinteractively disclosing credentials andaccess control policies while preserving their privacy. However, there are somelimitations ondelegation andnegotiation strategy in

Xinxin Liu,Shaohua Tang,Qiong Huang,Zhiwen Yu

DOI: https://doi.org/10.1016/j.csi.2013.03.003

IF: 3.721

2013-01-01

Computer Standards & Interfaces

Abstract:We propose an ontology-based approach to automated trust negotiation (ATN) to establish a common vocabulary for ATN across heterogeneous domains and show how ontologies can be used to specify and implement ATN systems. The components of the ATN framework are expressed in terms of a shared ontology and ontology inference techniques are used to perform ATN policy compliance checking. On this basis, a semantically relevant negotiation strategy (SRNS) is proposed that ensures the success of a negotiation whenever it is semantically possible. We analyze the properties of SRNS and evaluate the performance of the ontology-based ATN.

Shangyuan Guan,Xiaoshe Dong,Yiduo Mei,Weiguo Wu,Zhenghua Xue

DOI: https://doi.org/10.1109/ICNSC.2008.4525201

2008-01-01

Abstract:Trust is an important aspect of decision making for grid applications. It has been a fundamental but challenging problem to gain assurance of the trustworthiness of service providers or requesters. This paper proposes a novel trust negotiation framework, ENVOY, to establish trust relationship between service providers and requesters in grids. ENVOY supports various kinds of delegation by leveraging attribute-based credentials and defines delegation range expediently by using attribute constraint, and we develop a negotiation strategy based on protection tree to support ENVOY, which provides the support for protection of sensitive information of the two negotiation parties. Moreover, ENVOY employs multithreaded technology and trust ticket to speed up negotiation. This paper describes the implementation of ENVOY and designs experiments to evaluate its performance, and the experimental results show that it is applicable.

Shangyuan Guan,Xiaoshe Dong,Weiguo Wu,Yiduo Mei,Guofu Feng

DOI: https://doi.org/10.1109/aina.2008.25

2008-01-01

Abstract:Trust has been recognized as an important factor for information security in open and dynamic environments, such as Internet applications, p2p systems etc. On the basis of analyzing existing trust management systems, this paper proposes a Distributed Trust Management based on Authorizing Negotiation (DTMAN). DTMAN presents a number of innovative features. First, it can authorize strangers by using authorizing negotiation, so it is very suitable for open and dynamic environments. Second, a high efficient algorithm for compliance checking is developed to support DTMAN, whose time complexity and space complexity are both O(n) (where n is the cardinality of the set of authorization credentials). The experimental result shows that the algorithm of DTMAN is more efficient than others.

Xinxin Liu,Shaohua Tang,Shiqian Chen

DOI: https://doi.org/10.1007/s12083-015-0343-1

IF: 3.488

2015-01-01

Peer-to-Peer Networking and Applications

Abstract:utomated trust negotiation (ATN) is an approach to regulating the gradual exchange of sensitive resources, which are protected by access control policies, between two strangers to establish mutual trust in open distributed systems. Policy compliance checkers of ATN determine which credentials satisfy an access control policy and whether a particular set of credentials satisfies the relevant policy. We propose a description logic-based approach to policy compliance checking, in which the description logic (DL) 𝒮ℋ𝒪ℐ𝒩(𝒟) is exploited to formalize credentials and policies of ATN, and the state-of-the-art DL reasoners are leveraged for policy compliance checking. By exploring the semantics of credentials and policies defined by DL, our approach can promote the success of a negotiation whenever it is semantically possible. As long as a policy can be satisfied, our approach can find the credentials satisfying the policy. These credentials can be either syntactically defined in the policy or semantically imply those defined. In addition, benefiting from DL reasoning, attribute delegations that are modeled as semantic relations among attributes can be retrieved by our approach as the evidence of a negotiator’s satisfaction of an access control policy. This evidence is quite necessary in the ATN environment where negotiators are usually strangers belonging to different domains without a common knowledge of delegations.

Jian Chen,Fei Lu,Yuanzhe Liu,Sheng Peng,Zhiming Cai,Fu Mo

DOI: https://doi.org/10.1016/j.ijcip.2024.100661

IF: 3.683

2024-01-25

International Journal of Critical Infrastructure Protection

Abstract:With an increasing demand for authenticated data exchange between jurisdictions, ensuring the privacy and security of data interactions is crucial for national security, public health, and economic vitality, becoming a fundamental national infrastructure. Current solutions can be categorized into two types: fully decentralized autonomous systems based on blockchains or centralized solutions that rely on authoritative centers such as certification authorities (CAs). In reality, a balance needs to be struck between guaranteed authority and privacy independence. A certain authority is needed as an authorization guarantee, and decentralization is required to ensure privacy and the independence of the authority. This paper proposes a novel scheme, CT-MA-ABE (Cross-Trust Multiple Authorization Attribute-Based Encryption), to address these issues by implementing MA-ABE for cross-border institutional authorization interactions, utilize blockchain certification authority (BCA) for credibility and encryption-based authorization to protect attribute data privacy. This solution integrates the role of 'notary' in cross-border interactions, addressing the supervision problem in fully decentralized approaches while also considering the trust issue in centralized systems. This paper also introduces the Universal Certificate Authority Pool (UCAP), an innovative hybrid federated authorization method, creatively utilizing the implied authorization conditions of attributes to create a flexible and transitive authorization mechanism based on attribute relationships and extensions, enhancing privacy protection and improving the speed of authorization matrix calculation. The successful deployment of the system between the legal jurisdictions in South China, Zhuhai and Macau as a critical infrastructure component for securing data interactions further demonstrates its effectiveness as a reliable and secure solution.

engineering, multidisciplinary,computer science, information systems

ZHU Chang-sheng,LIU Peng-hui,WANG Qing-rong,CAO Lai-cheng

DOI: https://doi.org/10.3724/sp.j.1087.2011.01862

2011-01-01

Journal of Computer Applications

Abstract:How to keep mutual anonymity between two entities is one of the critical issues for Trusted Computation(TC).According to the characteristics of TC,an efficient password-based authenticated key exchange scheme was proposed.Adopting threshold cryptography and fuzzy ID set,the scheme achieved mutual anonymity between user and server sharing ID set.On the premise of secure hashing,the analysis and the proving procedure based on the Random Oracle Model(ROM) show this scheme is secure against dictionary attack and resource-depletion DoS(Denial-of-Service) attack under the computational Diffie-Hellman intractability assumption.This scheme effectively preserves the user's privacy and server's privacy,and compared with other schemes such as VIET et al.'s scheme,it is more efficient.

HL Hu,D Chen,CQ Huang

DOI: https://doi.org/10.1007/11428862_31

2005-01-01

Abstract:The open and anonymous of grid make the task of controlling access to sharing information more difficult, which cannot be addressed by traditional access control methods. In this paper, we identify access control requirements in such environments and propose a trust based access control framework for grid resource sharing. The framework is an integrated solution involving aspects of trust and recommendation models, based the discretionary access control (DAC), and are applied to grid resource-sharing systems. In this paper, we integrate technology of web services into idea of trust for describing resources.

Xin-xin Liu,Shao-hua Tang

DOI: https://doi.org/10.3969/j.issn.1000-565X.2013.01.012

2013-01-01

Abstract:In order to implement the formal analysis and verification of the security for automated trust negotiation (ATN), this paper takes the formal analysis methods of security protocols as references and proposes a novel approach to ATN modeling and security verification with the help of the process algebra applied π calculus. In this approach, ATN is formalized as the parallel composition of two processes corresponding to two negotiators, and the process of a negotiator is the static modeling of its certificates and authorization policies. The ATN security is defined as the observational equivalence of the applied π calculus so as to verify not only the security of the authorization policy enforcement but also the privacy of negotiators. With the help of the automatic protocol analyzer ProVerif, the security of ATN is automatically analyzed. Experimental results show that the proposed approach helps to implement automatic security verification with high feasibility and efficiency.

Qiang Zhang,Xiaowei Wang,Zhenghu Gong

DOI: https://doi.org/10.1109/CSSE.2008.1363

2008-01-01

Abstract:We find that traditional authentication ways donpsilat act well in MANETs for the features of dynamic topology and non-existence of central facilities in mobile ad hoc networks. This paper presents a distributed trust proving language, which is based on role trust. The solution of constructing credential authentication infrastructure and the problem how to perform automated trust negotiation are also discussed. Our design defines roles and policies to make distributed trust negotiation and it can avoid unrelated credential fetching. Simulations show that Our design outperforms traditional trust negotiation ways and is more efficient as a security authentication mechanism in the MANET environments.