期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

COTN:基于契约的信任协商系统 被引量:18

COTN:A Contract-Based Trust Negotiation System
下载PDF
导出
摘要 基于改进的信任管理和协商技术,通过属性信任证实现多种类型的权限委托,设计并实现了一个基于契约的信任协商(COntract-basedTrustNegotiation,COTN)系统.在该系统中,引入了基于契约的信任协商方法,既在契约确立过程中预先终止无法进行的协商请求,又在契约约定下的协商过程中研究了对信任证和访问控制策略中隐私信息的保护,以高效、可靠地自动建立信任关系.目前,COTN系统已在网格中间件平台CROWN中得以应用,并采用信任票据和策略缓冲机制提高系统运行性能.通过相关实验表明该系统具有较好的稳定性和可用性. A novel contract-based trust negotiation(COTN) system is designed and implemented based on the enhanced trust management and trust negotiation technologies. It leverages attribute-based credential to support various kinds of delegation, where attribute parameters constrains and delegation constrains are also employed. The authors firstly introduce a contract mechanism to ensure the trustworthiness of negotiation for COTN system. The COTN system not only provides the functions to terminate impossible negotiation in advance but also is able to protect the sensitive credentials and sensitive information in the access control policies. This system has been successfully implemented as useful components and fundamental security services in CROWN Grid, and methods such as trust tickets and policies caching which can greatly increase servicers efficiency are used. Furthermore, the approach is evaluated by comprehensive experiments, and the results show that it is feasible and applicable.
作者 李建欣 怀进鹏
机构地区 北京航空航天大学计算机学院
出处 《计算机学报》 EI CSCD 北大核心 2006年第8期1290-1300,共11页 Chinese Journal of Computers
基金 国家自然科学重大研究计划基金(90412011) 国家"九七三"重点基础研究发展规划项目基金(2005CB321803)资助.
关键词 信息安全 信任管理 信任协商 隐私保护 信任证 访问控制策略 information security trust managment trust negotiation privacy preservation credential access control policy
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献20

  • 1Thompson M. R., Essiari A., Mudumbai S.. Certificatebased authorization policy in a PKI environment. ACM Transactions on Information and System Security(TISSEC), 2003, 6(4): 566-588
  • 2Chadwick D. W. , Otenko A.. The PERMIS X. 509 role based privilege management infrastructure. In: Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT), Monterey, California, USA, 2002, 135-140
  • 3Blaze M. , Feigenbaum J. , Lacy J.. Decentralized trust management. In: Proceedings of the IEEE Symposium on Securityand Privacy, Oakland, CA, USA, 1996, 164-173
  • 4徐锋,吕建.Web安全中的信任管理研究与进展[J].软件学报,2002,13(11):2057-2064. 被引量:113
  • 5Li N. , Mitchell J. C. , Winsborough W. H.. Design of a Role-based trust management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, Berkeley, California, 2002, 114-130
  • 6Clarke D. , Ellen J. E. , Ellison C. , Fredette M. , Morcos A. ,Rivest R. L.. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security, 2001, 9(4):285-322
  • 7Winsborough W. H. , Seamons K. E. , Jones V.E.. Automated trust negotiation. In: Proceedings of the DARPA Information Survivability Conference and Exposition, 2000, 88-102
  • 8李建欣,怀进鹏,李先贤.自动信任协商研究[J].软件学报,2006,17(1):124-133. 被引量:52
  • 9Yu T. , Winslett M. , Seamons K.E.. Supporting structured credentials and sensitive policies through interoperahle strategies for automated trust negotiation. ACM Transactions on Information and System Security(TISSEC), 2003, 6(1): 1-42
  • 10Sun H., Zhu Y., Hu C., Huai J., Liu Y., Li J.. Early experience of remote and hot service deployment with trustworthiness in CROWN grid. In: Proceedings of the 6th International Workshop on Advanced Parallel Processing Technologies,Hong Kong, China, 2005, 301-312

二级参考文献21

  • 1Blaze, M., Feigenbaum, J., Ioannidis, J., et al. The role of trust management in distributed systems security. In: Secure Internet Programming: Issues for Mobile and Distributed Objects. Berlin: Springer-Verlag, 1999. 185~210.
  • 2Khare, R., Rifkin, A. Trust management on World Wide Web. World Wide Web Journal, 1997,2(3):77~112.
  • 3Blaze, M., Feigenbaum, J., Lacy, J. Decentralized trust management. In: Dale, J., Dinolt, G., eds. Proceedings of the 17th Symposium on Security and Privacy. Oakland, CA: IEEE Computer Society Press, 1996. 164~173.
  • 4Abdul-Rahman, A., Hailes, S. A distributed trust model. In: Proceedings of the 1997 New Security Paradigms Workshop. Cumbria, UK: ACM Press, 1998. 48~60. http://www.ib.hu-berlin.de/~kuhlen/VERT01/abdul-rahman-trust-model1997.pdf.
  • 5Abdul-Rahman, A., Hailes, S. Using recommendations for managing trust in distributed systems. In: Proceedings of the IEEE Malaysia International Conference on Communication'97 (MICC'97). Kuala Lumpur: IEEE Press, 1997. http://citeseer.nj.nec.com/ 360414.html.
  • 6Yahalom, R., Klein, B., Beth, T. Trust relationships in secure systems--a distributed authentication perspective. In: Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy. IEEE Press, 1993. 50~164. http://isbn.nu/0818633700.
  • 7Beth, T., Borcherding, M., Klein, B. Valuation of trust in open network. In: Gollmann, D., ed. Proceedings of the European Symposium on Research in Security (ESORICS). Brighton: Springer-Verlag, 1994. 3~18.
  • 8Blaze, M., Feigenbaum, J., Keromytis, A.D. Keynote: trust management for public-key infrastructures. In: Christianson, B., Crispo, B., William, S., et al., eds. Cambridge 1998 Security Protocols International Workshop. Berlin: Springer-Verglag, 1999. 59~63.
  • 9Chu, Y.-H., Feigenbaum, J., LaMacchia, B., et al. REFEREE: trust management for Web applications. World Wide Web Journal, 1997,2(2):127~139.
  • 10Povey, D. Developing electronic trust policies using a risk management model. In: Proceedings of the 1999 CQRE Congress. 1999. 1~16. http://security.dstc.edu.au/staff/povey/papers/CQRE/123.pdf.

共引文献159

同被引文献186

引证文献18

二级引证文献69

计算机学报
2006年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部