NAGUAL: A Novel Automated Trust Negotiation Model Based on Attribute Constraint

Automated Trust Negotiation (ATN) is a promising approach that establishes mutual trust between strangers through the iterative disclosure of digital credentials and access control policies by the two negotiating parties. Although many ATN systems have been proposed, some issues remain to be addressed: (1) their policy languages are coarse-grained; (2) they cannot generate all trust sequences and lack a mechanism for evaluating trust sequences and selecting an optimal one. Therefore, we present a novel ATN model, called NAGUAL. First, attribute constraints are introduced into NAGUAL to refine its policy language, which can not only protect sensitive services and certificates effectively but also enhance the flexibility of NAGUAL. Second, a global access control policy is used to terminate impossible negotiations in advance, which can improve the negotiation efficiency of NAGUAL. Third, we describe the process of generating trust sequences using a trust sequence search tree. Based on that tree, breadth-first search can generate either a single trust sequence or all of them. Last, we evaluate trust sequences by the disclosure cost and communication overhead of attribute certificates, which facilitates selecting an optimal one. This paper illustrates the usage of NAGUAL with a typical example.
