期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

网格计算环境中的安全信任协商系统 被引量:4

Secure trust negotiation system for grid computing
下载PDF
导出
摘要 网格技术促进了广域网络环境下的资源共享和协同工作.然而,在网格环境中,服务的提供方和请求方往往位于不同的安全域,如何为位于不同安全区域的陌生主体间动态地建立信任关系成为一项应用难题.基于信任管理基础设施,通过协作主体间信任证、访问控制策略的交互披露逐渐为各方建立信任关系,设计并实现了一个保护协商方隐私信息的安全信任协商系统.该系统采用一种基于属性的委托授权信任证、访问控制策略及一致性验证算法,实现策略的动态调整,从而生成满足访问控制策略的所有最小可满足信任证集,能够使理论上存在的信任关系得以自动建立.通过在CROWN平台中的应用,显示该系统能够满足网格应用中信任自动建立和敏感信息保护的需求. Grid technology promotes resource sharing and collaboration over wide area network. However, service providers and requestors are always located in different secure domains in grid environment. How to establish trust between strangers without prior relationship has become a pressing problem. A system named secure trust negotiation system was designed and implemented, which depends on the trust management infrastructure, establishes trust between strangers with iterative disclosure of credentials and access control policies and can protect participants' private information. A sort of attributed-based authorization credential and access control policy was adopted. A novel algorithm for compliance checker of credentials and access policies was carefully designed, which can be used to generate all the minimal satisfied sets of credentials, so that the trust relationship exsited in theory can be established automatically. During the process of trust negotiation using this system, secure transmission of credentials disclosed was ensured by other subsystems of CROWN. Through the application in CROWN grid, it shows contributions to the automated trust establishment and privacy protection.
作者 张荣清 李建欣 怀进鹏
机构地区 北京航空航天大学计算机学院
出处 《北京航空航天大学学报》 EI CAS CSCD 北大核心 2006年第3期347-351,共5页 Journal of Beijing University of Aeronautics and Astronautics
基金 国家自然科学基金资助项目(90412011)
关键词 网络 信任管理 信任协商 一致性验证器 协商策略 network trust management trust negotiation compliance checker negotiation strategy
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献8

  • 1Yu T,Winslett M.A unified scheme for resource protection in automated trust negotiation[A].IEEE Symposium on Security and Privacy[C].Berkeley,California:IEEE,2003.110~122
  • 2Blaze M,Feigenbaum J,Lacy J.Decentralized trust management[A].Proceedings of 17th Symposium on Security and Privacy[C].Oakland:IEEE,1996.164 ~ 173
  • 3Winsborough W H,Seamons K E,Jones V E.Automated trust negotiation[A].DARPA Information Survivability Conference and Exposition[C].IEEE,2000.88 ~ 102
  • 4Barlow T,Hess A,Seamons K E.Trust negotiation in electronic markets[A].Eighth Research Symposium in Emerging Electronic Markets[C].Maastricht,Netherlands,2001
  • 5Li Ninghui,Winsborough W H,Mitchell J C,et al.Distributed credential chain discovery in trust management[A].Proceedings of the 8th ACM Conference on Computer and Communications Security[C].ACM Press,2001.156~ 165
  • 6Winslett M,Yu T,Seamons K E,et al.Negotiating trust on the web[A].IEEE Internet Computing[C].IEEE,2002.30~37
  • 7Hu Chunming,Huai Jinpeng,Zhu Yanmin,et al.Efficient information service management using service club in CROWN grid[A].Proceedings of the 2005 IEEE International Conference on Services Computing[C].IEEE Computer Society Press,2005.5 ~ 12
  • 8Amir H,Yosi M,Joris M,et al.Access control meets public key infrastructure[A].Proceedings of the 2000 IEEE Symposium on Security and Privacy[C].Oakland:IEEE Computer Society Press,2000.2 ~ 14

同被引文献32

  • 1路晓明,冯登国.一种基于身份的多信任域网格认证模型[J].电子学报,2006,34(4):577-582. 被引量:32
  • 2Blaze M,Feigenbaum J,Lacy J.Decentralized Trust Management[C]//Proceedings of the 17th Symposium on Securityand Privacy.Los Alamitos:IEEE Press,1996:164-173.
  • 3Winsborough W H,Seamons K E,Jones V E.Automated Trust Negotiation[C]//Proceedings of DARPA InformationSurvivability Conference and Exposition.Los Alamitos:IEEE Press,2000:88-102.
  • 4Castelluccia C,Jarecki S,Tsudik G.Secret Handshakes from Ca-oblivious Encryption[C]//Advances in Cryptology-ASIACRPT 2004:10th International Conference on the Theory and Application of Cryptology and Information Security.New York:Springer Press,2004:293-307.
  • 5Li N,Du W,Boneh D.Oblivious Signature-based Envelope[C]//Proceedings of the 22th ACM Symposium on Principlesof Distributed Computing(PODC 2003).New York:ACM Press,2003:182-189.
  • 6Holt J,Bradshaw R,Seamons K,et.al.Hidden Credentials[C]//2nd ACM workshop on Privacy in the Electronic Soci-ety.New York:ACM Press,2003:1-8.
  • 7Balfanz D,Durfee G,Shankar N,et al.Secret Handshakes from Pairing-Based Key Agreements[C]//Proceedings of the2003IEEE Symposium on Secret and Privacy.Los Alamitos:IEEE Press,2003:80-196.
  • 8Yu T,Winslett M,Seamons K E.Supporting Structured Credentials and Sensitive Policies Through Interoperable Strat-egies for Automated Trust Negotiation[J].ACM Transactions on Information and System Security(TISSEC),2003,6(1):1-42.
  • 9ELLISON C, FRANTZ B, et al. SPKI Certificate Theory, RFC 2693[S]. 1999.
  • 10LI N H, MITCHELL J C, WINSBOROUGH W H. Design of a role-based trust-management framework[A]. Proceedings of the 2002 IEEE Symposium on Security and Privacy[C]. Oakland, CA, USA, 2002. 114-130.

引证文献4

二级引证文献10

北京航空航天大学学报
2006年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部