Remembrance of Local Information Status for Enforcing Robustness of Policy-Exchanged Strategies for Trust Negotiation

Trust Negotiation is a complex access control approach that enables two unknown entities to establish a bilateral trust relationship. Its complexity may be ascribed to its support for the use of different strategies. A variety of strategies have been designed for Trust Negotiation, and the majority support the exchange of authorisation policies during a negotiation. However, innate vulnerabilities still exist within these strategies: (1) there is no approach for automatic detection of Policy Cyclic Dependencies, and (2) there is no approach for defending against Repetitive Credential Request Attacks. This paper proposes a solution design, based on the idea of the remembrance of local information status, that aims to address these two vulnerabilities.
