Yan He,Miaoliang Zhu

DOI: https://doi.org/10.4108/infoscale.2007.888

2007-01-01

Abstract:Traditional security model, where the identity of all possible requesting subjects must be pre-registered in advance, is not suitable for the distributed applications with strong real-time requirements, especially recently popular P2P networks and Grid computing. A promising approach is represented by automated trust negotiation, which establishes trust between strangers through the exchange of digital credentials and the use of access control policies. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may fail when in fact success is possible, disclose irrelevant credentials, or have high communication or computational complexity. In this paper, we model the policies participating trust negotiation as Negotiation Petri Net and propose a trust negotiation Strategy based on Negotiation Petri Net (SNPN) by combining the characteristics of Negotiation Petri Net architecture with the behaviors of auto trust negotiation. We prove that SNPN is efficient with O(n) communication complexity and O(nm) computational complexity including Negotiation Petri Net building process and the negotiation process in the worst case, where n is the number of credentials and m is the size of the credential disclosure policies. Meanwhile SNPN is complete and makes sure that no irrelevant credentials will be disclosed during negotiations.

Yan He,Miaoliang Zhu,Chunying Zheng

DOI: https://doi.org/10.1109/CSSE.2008.867

2008-01-01

Abstract:Traditional security model, where the identity of all possible requesting subjects must be pre-registered in advance, is not suitable for the distributed applications with strong real-time requirements. A promising approach is represented by automated trust negotiation, which establishes trust between strangers through the exchange of digital credentials and the use of access control policies. As the credentials contain sensitive information, entities disclose credentials circumspectly. Given multiple credential exchange sequences achieving the same result, it is desirable to pick the sequence that discloses a set of minimum sensitive credentials. In this paper, we model the policies participating trust negotiation as a Negotiation Petri Net and propose a trust negotiation MSC strategy, which works by the characteristics of Negotiation Petri Net architecture, the behaviors of auto trust negotiation and the greedy algorithm. We prove that the MSC strategy is complete, efficient and mini-sensitivity cost. It also makes sure that no irrelevant credentials will be disclosed during negotiations.

P Xu,J Gao,H Guo

DOI: https://doi.org/10.1109/icmlc.2005.1526940

2005-01-01

Abstract:In application of agent mediated electronic commerce, there exist many situations where agents have to tolerate insecurity and negotiate with deceit-possible agents. This paper presents DTAN model, a novel negotiation model that agents can use to negotiate in a deceit-tolerant manner to get maximal profit even in an unsecured negotiation process. Unlike current approaches to deception in e-commerce, the DTAN model does not mainly focus on ensuring the trustworthiness of partners before negotiation or terminating negotiation on detecting deception, but how to carry on automated negotiations with suspicious agents, take the risk of unpredictable deceits under control, and attain to good performance in an uncertain environment. Time and belief factors are considered in the model. Due to its deceit-tolerant property, DTAN model is robust and more applicable in open e-commerce systems. Moreover, an applied DTAN model is also presented in this paper.

Xinxin Liu,Shaohua Tang,Qiong Huang,Zhiwen Yu

DOI: https://doi.org/10.1016/j.csi.2013.03.003

IF: 3.721

2013-01-01

Computer Standards & Interfaces

Abstract:We propose an ontology-based approach to automated trust negotiation (ATN) to establish a common vocabulary for ATN across heterogeneous domains and show how ontologies can be used to specify and implement ATN systems. The components of the ATN framework are expressed in terms of a shared ontology and ontology inference techniques are used to perform ATN policy compliance checking. On this basis, a semantically relevant negotiation strategy (SRNS) is proposed that ensures the success of a negotiation whenever it is semantically possible. We analyze the properties of SRNS and evaluate the performance of the ontology-based ATN.

Xinxin Liu,Shaohua Tang,Shiqian Chen

DOI: https://doi.org/10.1007/s12083-015-0343-1

IF: 3.488

2015-01-01

Peer-to-Peer Networking and Applications

Abstract:utomated trust negotiation (ATN) is an approach to regulating the gradual exchange of sensitive resources, which are protected by access control policies, between two strangers to establish mutual trust in open distributed systems. Policy compliance checkers of ATN determine which credentials satisfy an access control policy and whether a particular set of credentials satisfies the relevant policy. We propose a description logic-based approach to policy compliance checking, in which the description logic (DL) 𝒮ℋ𝒪ℐ𝒩(𝒟) is exploited to formalize credentials and policies of ATN, and the state-of-the-art DL reasoners are leveraged for policy compliance checking. By exploring the semantics of credentials and policies defined by DL, our approach can promote the success of a negotiation whenever it is semantically possible. As long as a policy can be satisfied, our approach can find the credentials satisfying the policy. These credentials can be either syntactically defined in the policy or semantically imply those defined. In addition, benefiting from DL reasoning, attribute delegations that are modeled as semantic relations among attributes can be retrieved by our approach as the evidence of a negotiator’s satisfaction of an access control policy. This evidence is quite necessary in the ATN environment where negotiators are usually strangers belonging to different domains without a common knowledge of delegations.

彭志宇,李善平,杨朝晖,林欣

DOI: https://doi.org/10.3785/j.issn.1008-973X.2010.05.011

2010-01-01

Abstract:An anonymous authorization mechanism was proposed to protect the user's privacy in the process of authorization in trust management. User requested for services using their real identification in most of the classic trust-management language system, which potentially leaded to the privacy leaking. Through dynamically searching for the delegation roles which take over the request, the anonymous authorization mechanism retained the right behavior of credential chain discovery and achieved a quantitative way of anonymity against the resource provider. Results showed that the anonymous mechanism shared the same worst-case time complexity with the traditional forward credential-chain-searching method. A method of caching all the members in the nodes was proposed to improve the performance in time spending. Simulation results showed that the performance in time spending greatly improved in the relative stable systems, in which the credentials change slowly.

Shangyuan Guan,Xiaoshe Dong,Yiduo Mei,Weiguo Wu,Zhengdong Zhu

DOI: https://doi.org/10.1109/ICEBE.2008.50

2008-01-01

Abstract:Exchange of attribute certificates is a means to establish mutual trust between strangers wishing to share resources or conduct business transactions. Automated trust negotiation (ATN) is a promising approach to regulating the exchange of sensitive information during this process. It has been a fundamental but challenging problem to preserve the privacy of the two negotiation parties during the period of ATN. We present the enhanced hidden credentials and improved concurrent zero-knowledge proof protocol. Based on the above technologies, we propose an ATN for e-business applications, named CASTLE. CASTLE can not only enable the oblivious and selective usage of an attribute or a certificate, but also be resistible for many attacks, especially conspiracy attack. We illustrate the usage of CASTLE through a typical example.

Xinxin Liu,Shaohua Tang,Kai Wei

DOI: https://doi.org/10.1109/ICMLC.2010.5580592

2010-01-01

Abstract:Automated trust negotiation (ATN) is an approach to establishing mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing digitally signed credentials. We present the formalization of automated trust negotiation system in the applied pi calculus and analyze its security property automatically with the assistant of an automatic protocol analyzer, ProVerif.

Shangyuan Guan,Xiaoshe Dong

2007-01-01

Abstract:Trust isanimportant aspect ofdecision makingfor gridapplications. Ithasbeenafundamental butchallenging problemtogainassurance ofthetrustworthiness ofservice providers orrequesters. Thispaperproposes a noveltrust negotiation framework, ENVOY,toestablish trust relationship betweenservice providers andrequesters ingrids. ENVOY supportsvariouskindsof delegation by leveraging attribute-based credentials and defines delegation range expediently byusingattribute constraint, andwe develop a negotiation strategy basedon protection treetosupport ENVOY,whichprovides thesupport forprotection ofsensitive information ofthetwonegotiation parties. Moreover, ENVOY employs multithreaded technology andtrust ticket tospeedup negotiation. Thispaperdescribes theimplementation of ENVOY anddesigns experiments toevaluate itsperformance, andtheexperimental results showthatitisapplicable. I.INTRODUCTION GRIDemphasizes large scale resource sharing across Jadministrative domains orsecurity domains inaflexible, secure, andcoordinated fashion (1). Asgrid transfers froma purely scientific community toaheterogeneous, commercial, opencommunity, itenters an environment ofmutual suspicion (2). Malicious users maydamage grids bystealing sensitive information. Therefore, themostsignificant challenge forgrid computing istodevelop acomprehensive setofmechanisms andpolicies forsecuring grids, oneof whichistheenforcement ofaccess control. Accesscontrol ingrids istypically provided by a combination ofidentity certificates andlocal accounts (3). Unfortunately, traditional access control methods based on theidentity ofusersisineffective andcannot scale well because thenumberofusers andservices islarge andtheir population isdynamic. Furthermore, service provider and usermaybefromdifferent security domains whichmight maintain different security policies, possibly without prior knowledge ofeachother. Therefore, ithasbeena fundamental butchallenging problem togain assurance ofthe trustworthiness oftheservice provider orusers. A promising approach toaccess control, Automated Trust Negotiation (ATN)(4), iswell-suited forgrids because it allows thetwonegotiation parties establish trust bygradually andinteractively disclosing credentials andaccess control policies while preserving their privacy. However, there are somelimitations ondelegation andnegotiation strategy in

Wei-jun SHAO,Jun-yuan XIE,Lun JIN

DOI: https://doi.org/10.3969/j.issn.1001-3695.2007.12.063

2007-01-01

Abstract:This paper introduced the notion of automated trust negotiation based on security level and how to use it to protect the system from the attacks leading to denial of service or leakage of sensitive information.

GUAN Shang-yuan,WU Wei-guo,DONG Xiao-she,QIAN De-pei

DOI: https://doi.org/10.3969/j.issn.1000-436x.2011.02.013

2011-01-01

Abstract:First,a unified ATN formal framework was presented,into which typical negotiation strategies could be reduced.Second,the formal verification of ATN was defined based on the formal framework.The objectives and procedures of the formal verification of ATN were described.Third,several typical negotiation strategies were discussed,and the computational complexity of the corresponding verification problems was shown,several conclusions had been obtained.Last,the formal verification of ATN was implemented by using logic programming and model checking methods.The experimental results show that the number of rules is a crucial factor in determining the runtime.Both logic programming and model checking are efficient when the number of transition rules is small,and logic programming does not scale as well as model checking.

Shangyuan Guan,Yiduo Mei,Xiaoshe Dong,Zhao Wang,Zhengdong Zhu

DOI: https://doi.org/10.1007/978-3-540-92719-8_42

2007-01-01

Abstract:Automated Trust Negotiation (ATN) is a promising approach to allowing strangers to access sensitive services in open environments. Although many ATN systems are proposed, some issues still remain to be addressed: 1) they are centralized and cannot scale well; and 2) their policy languages are coarse-grained. To address the above problems and secure grids, we present a novel automated trust negotiation framework, FORT, to establish trust relationship between service providers and service requesters. FORT is decentralized, so it scales well. Furthermore, we utilize attribute constraints to refine its language. This paper implements FORT and designs experiments to evaluate its performance. Experimental results show that FORT can effectively protect sensitive services at the cost of little performance of systems and scale well.

SHI Wenbo,CAO Chun

DOI: https://doi.org/10.3778/j.issn.1002-8331.1208-0528

2013-01-01

Abstract:Trust Management implements the authorization procedure and access control decision in an open network environment according to the credential issuing and the chain discovery algorithms. However, because of the complexity and dynamic of the trust network, the traditional trust-management system results in a low efficiency in credential discovery. To address the shortage, this paper proposes an autonomous trust-management system which introduces the concept of authority routing table.The system makes sure the direction of the search guides directly to the requester while finding the credential chain. While the trust network is complex and the right request happens frequently, the autonomous trust-management system can reduce the search cost and improve the efficiency in credential discovery.

Shangyuan Guan,Xiaoshe Dong,Weiguo Wu,Yiduo Mei,Guofu Feng

DOI: https://doi.org/10.1109/aina.2008.25

2008-01-01

Abstract:Trust has been recognized as an important factor for information security in open and dynamic environments, such as Internet applications, p2p systems etc. On the basis of analyzing existing trust management systems, this paper proposes a Distributed Trust Management based on Authorizing Negotiation (DTMAN). DTMAN presents a number of innovative features. First, it can authorize strangers by using authorizing negotiation, so it is very suitable for open and dynamic environments. Second, a high efficient algorithm for compliance checking is developed to support DTMAN, whose time complexity and space complexity are both O(n) (where n is the cardinality of the set of authorization credentials). The experimental result shows that the algorithm of DTMAN is more efficient than others.

Qi Jing,Li Cheng,Shubin Liao,Suke Li

2012-01-01

Abstract:Ad Hoc network is a multi-hop wireless network, consist of the self-organizing wireless mobile nodes and without fixed infrastructure, but its openness brings "stranger access" problem. Trust management strategy based on trust evaluation can solve such problems. By entrusting trust certificate with trust value, access control policy can be passed to "strangers", and make them able to access the nodes in Ad Hoc network. In order to achieve the trust management based on trust evaluation, this paper proposes policy language for trust management in Ad hoc network. ATPL is defined based on constraint Datalog, realizes the three trust delegation chain of TEAMA by entrusting authorization rules, and completes the calculation of certificate execution and delegation trust value at the same time. This paper defines the syntax of ATPL, discusses the safety of ATPL rules, and proposes the basic safety convention of ATPL and safety statute. By the discussion of ATPL explanatory semantics, this paper solves the legacy security issue, and proves that ATPL rule is safe under various security constraints defined herein. © 2005 - 2012 JATIT & LLS. All rights reserved.

Shangyuan Guan,Xiaoshe Dong,Yiduo Mei,Weiguo Wu,Zhenghua Xue

DOI: https://doi.org/10.1109/ICNSC.2008.4525201

2008-01-01

Abstract:Trust is an important aspect of decision making for grid applications. It has been a fundamental but challenging problem to gain assurance of the trustworthiness of service providers or requesters. This paper proposes a novel trust negotiation framework, ENVOY, to establish trust relationship between service providers and requesters in grids. ENVOY supports various kinds of delegation by leveraging attribute-based credentials and defines delegation range expediently by using attribute constraint, and we develop a negotiation strategy based on protection tree to support ENVOY, which provides the support for protection of sensitive information of the two negotiation parties. Moreover, ENVOY employs multithreaded technology and trust ticket to speed up negotiation. This paper describes the implementation of ENVOY and designs experiments to evaluate its performance, and the experimental results show that it is applicable.

JIN Lun,PENG Zhao-yang,XIE Jun-yuan

DOI: https://doi.org/10.3969/j.issn.1001-3695.2007.06.044

2007-01-01

Abstract:The general flow of trust negotiation was introduced,the concept of gradual trust negotiation and policy graph was given,a new secure trust negotiation strategy algorithm was put and the security of it was analyzed.

Lu Chen,Qing Zhou,Gaofeng Huang,Liqiang Zhang

DOI: https://doi.org/10.1109/CIS.2014.47

2014-01-01

Abstract:Resource sharing is one of the main applications of network. How to establish a trust relationship between resources requestor and provider, and enforce authority is the key issue of efficient resource sharing. Existing models and methods are mostly focus on identity, recommendation and other information, but lack of the considering of resource requestor's conduct and environment of computing. And once authorized, it will not be able to track and control user behavior dynamically. It may cause more risks when sharing resources. Aiming to resolve the above problems, a trust-role based context aware access control model is proposed relying on the measurement and verification of the \"trust credentials and evidences\" which embody the context information of user behavior and platform environment to achieve the security, dependable and dynamic access control for resource sharing.

Qiang Zhang,Xiaowei Wang,Zhenghu Gong

DOI: https://doi.org/10.1109/CSSE.2008.1363

2008-01-01

Abstract:We find that traditional authentication ways donpsilat act well in MANETs for the features of dynamic topology and non-existence of central facilities in mobile ad hoc networks. This paper presents a distributed trust proving language, which is based on role trust. The solution of constructing credential authentication infrastructure and the problem how to perform automated trust negotiation are also discussed. Our design defines roles and policies to make distributed trust negotiation and it can avoid unrelated credential fetching. Simulations show that Our design outperforms traditional trust negotiation ways and is more efficient as a security authentication mechanism in the MANET environments.

Fujun Feng,Chuang Lin,Dongsheng Peng,Junshan Li

DOI: https://doi.org/10.1109/HPCC.2008.37

2008-01-01

Abstract:In order to overcome the limitations in traditional access control models such as identity-based access control and meet the access requirements in distributed systems, we propose a Trust and Context based Access Control model called TCAC, it extends the traditional RBAC (role based access control) model with the notion of trust and context. Role assignment in TCAC is based on the trustworthiness and context information of users. The TCAC model is flexible, scalable, and well suitable for the dynamic and distributed systems. Then we provide a trust evaluation mechanism based on the local and global reputation to compute the trust value of a user in distributed system, which can avoid malicious nodes behave correctly in order to get the highest possible trust value. Finally an implementation framework of the access control system based on TCAC is described.