谈判信任的策略安全保护

2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System Pub Date : 2007-12-16 DOI:10.1109/SITIS.2007.138

Dong Li, Linpeng Huang

{"title":"谈判信任的策略安全保护","authors":"Dong Li, Linpeng Huang","doi":"10.1109/SITIS.2007.138","DOIUrl":null,"url":null,"abstract":"The dynamic and cross-organizational aspects of Grid introduce challenging management and policy issues for controlling access to the resources. Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. In this paper, we propose a policy security protecting solution as a mechanism to help prevent unauthorized information inferences during trust negotiation. Compared to the existing safety model, our policy security protecting solution focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed solution, We show that policy security protecting solution achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting userspsila autonomy in defining their own policies.","PeriodicalId":234433,"journal":{"name":"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Policy Security Protecting for Negotiating Trust\",\"authors\":\"Dong Li, Linpeng Huang\",\"doi\":\"10.1109/SITIS.2007.138\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The dynamic and cross-organizational aspects of Grid introduce challenging management and policy issues for controlling access to the resources. Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. In this paper, we propose a policy security protecting solution as a mechanism to help prevent unauthorized information inferences during trust negotiation. Compared to the existing safety model, our policy security protecting solution focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed solution, We show that policy security protecting solution achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting userspsila autonomy in defining their own policies.\",\"PeriodicalId\":234433,\"journal\":{\"name\":\"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-12-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SITIS.2007.138\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SITIS.2007.138","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

网格的动态和跨组织方面为控制对资源的访问引入了具有挑战性的管理和策略问题。自动信任协商是一种通过双边、迭代地披露数字凭证在陌生人之间建立信任的方法。敏感凭据由访问控制策略保护，访问控制策略也可以传达给另一方。在本文中，我们提出了一种策略安全保护方案作为一种机制，以帮助防止在信任协商过程中未经授权的信息推断。与现有的安全模型相比，我们的策略安全保护方案侧重于信任协商过程中实际获得的信息，而不是交换的消息。因此，它直接反映了敏感信息保护的安全本质。基于所提出的解决方案，我们证明了策略安全保护解决方案实现了与现有解决方案相同的敏感信息保护，而不会给协商参与者之间的交互带来额外的复杂性，也不会限制用户在定义自己的策略时的自主权。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Policy Security Protecting for Negotiating Trust

The dynamic and cross-organizational aspects of Grid introduce challenging management and policy issues for controlling access to the resources. Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. In this paper, we propose a policy security protecting solution as a mechanism to help prevent unauthorized information inferences during trust negotiation. Compared to the existing safety model, our policy security protecting solution focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed solution, We show that policy security protecting solution achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting userspsila autonomy in defining their own policies.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System

自引率

0.00%

发文量