摘要
自动信任协商为开放环境中希望进行资源共享或业务协作的陌生双方提供了一种灵活的信任建立方法。然而现有自动信任协商系统之间不具备可互相操作性,首要原因是缺少一个统一的信任协商协议。提出了一种不依赖于协商策略的信任协商协议,将协议消息划分为资源请求、信息披露和终止协商3种类型并定义了消息的格式,阐明了协商过程的3种状态及状态之间的转化关系,同时给出了协议实现算法。分析表明,该协议支持包括多种格式信任证在内的数字断言和不同策略语言描述的访问控制策略的披露,允许在一次协商过程中使用多种协商策略进行协商,以满足不同应用场景的协商需求,因而具有明显的通用性。
Automated trust negotiation is a flexible approach to establish mutual trust between strangers that wish to share resources or conduct business transactions in open environments.However,existing automated trust negotiation systems cannot interoperate with each other.The main reason is lack of a unified trust negotiation protocol.A strategyindependent trust negotiation protocol was presented.In the protocol,message was classified into three categories:resource request message,information disclosure message and ending negotiation message,and their form was defined.Three states of the negotiation process and the transformation between them wre illustrated,and the protocol algorithm was expressed using pseudo codes.The analysis indicates that the protocol supports the disclosure of digital assertions including credentials with various formats and access policies specified with different policy languages,and allows adopting manifold strategies in one negotiation process,and satisfies to negotiate in various application scenes,and is provided with distinct generality as a result.
出处
《计算机科学》
CSCD
北大核心
2010年第11期34-37,共4页
Computer Science
基金
国家自然科学基金项目(60873225
60773191
70771043)
国家高技术研究发展计划(863计划)项目(2007AA01Z403)
软件工程国家重点实验室开放基金项目(SKLSE20080718)
华中科技大学自主创新基金项目(01-09-210014)资助
关键词
自动信任协商
协商协议
协商策略
可互操作性
Automated trust negotiation
Negotiation protocol
Negotiation strategy
Interoperability
