To enhance the practicability of the trust negotiation system, an agent based automated trust negotiation model (ABAM) is proposed. The ABAM introduces an agent to keep the negotiation process with no human intervention. Meanwhile, the ABAM specifies the format of a meta access control policy, and adopts credentials with flexible format to meet the requirements of access control policies instead of disclosing the whole contents of a certificate. Furthermore, the ABAM uses asymmetric functions with a high security intensity to encrypt the transmitting message, which can prevent information from being attacked. Finally, the ABAM presents a new negotiation protocol to guide the negotiation process. A use case is studied to illuminate that the ABAM is sound and reasonable. Compared with the existing work, the intelligence, privacy and negotiation efficiency are improved in the ABAM.
Automated trust negotiation (ATN) offers an attractive means for trust establishments, which establishes mutual trust among strangers wishing to share resources or conduct business, but it comes at the cost of non-trivial computation and communication overheads. The deployment of ATN strategies on a resource-constrained mobile device may lead to user-obstructive latency for operations. In this paper, we propose a trust negotiation strategy called trust target Petri nets negotiation strategy (TPNNS). It highly reduces the negotiation latency in the mobile device compared with other negotiation strategies, since it considers all the alternative responses at each step and chooses the best one. TPNNS supports cycle avoidance and employs skipped TPN which is a new approach presented in this paper. What is more, it is complete and ensures no irrelevant credentials are disclosed during the trust negotiation.
Automated trust negotiation (ATN) is an approach to establishing mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing digitally signed credentials. In ATN, there are conflicts between negotiation success and sensitive information protection, that is, these two needs cannot be given priority at the same time, which is a challenging problem to resolve. In this paper, a language independent ATN framework, which is dynamic, flexible and adaptive, is presented to address this problem, ensuring negotiation success without sensitive information leakage. This framework is independent of the policy language which is used. However, the language used should have the capability to specify all kinds of sensitive information appearing in credentials and policies, and support the separation of attribute disclosure from credential disclosure. Thus definitions of new language features, which can be incorporated into existing policy languages, are given, enabling the used language to support the capabilities mentioned above.
Funding: The National Natural Science Foundation of China (No. 60403027)