SafeFlow-x: An Efficient and Complete Strategy for Multiparty Trust Negotiation Over Distributed Networks

Abstract

Multiparty Trust Negotiation (MTN) is an emerging methodology for establishing trust between peers by gradually requesting and disclosing digitally signed credentials. However, a MTN strategy must be utilized to search for a successful negotiation based on the Access Control Policies (ACP). Previous work in this area focused on establishing trust between two parties (ATN), yet real life scenarios involved more than two parties in the negotiation process. Even if multiparty is involved, the Access Control Policies (ACP)proposed are either Identity based Access control policies (IBAC)as well as static policies, where the client has no say in decisions, like in the single sign-on systems, Shibboleth [11], and OpenID [14]; or the process is state full and has a high communication cost like in Zhang and Winslett work [9]. This paper provides a formal definition for the multiparty trust negotiation problem and proposes a novel MTN strategy, SafeFlow-$x$. SafeFlow-x is a stateless, safe, efficient and complete strategy. In the worst case, its communication complexity is $O(n)$, where $n$ is the total number of credentials requested, and its computational complexity is $O(k)$, where $k$ is the total size of peer's ACP when no cyclic dependencies occur.