Enhancing access control for mobile devices with an agnostic trust negotiation decision engine

Dynamic open environments demand trust negotiation systems for unknown entities willing to communicate. A security context has to be negotiated gradually, on a fair peer-to-peer basis, depending on the security level demanded by the application. Trust negotiation engines are driven by decision engines that lack flexibility: they depend on the implementation, policy languages or credential types used. In this paper we present an agnostic engine able to combine all that information regardless of its origin or language. It allows the selection of policies or requirements, credentials and resources to disclose, according to user preferences and context, using iterative weighted Multidimensional Scaling to assist a mobile device during a trust negotiation.
