计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (15): 127-130.

• 网络、通信、安全 • 上一篇    下一篇

一种基于树建模的自动信任协商策略

姚 慧,高承实,戴 青,张 徐   

  1. 解放军信息工程大学 电子技术学院,郑州 450004
  • 收稿日期:2007-08-15 修回日期:2007-11-19 出版日期:2008-05-21 发布日期:2008-05-21
  • 通讯作者: 姚 慧

Tree-based strategy for automated trust negotiation

YAO Hui,GAO Cheng-shi,DAI Qing,ZHANG Xu   

  1. Institute of Electronic Technology,Information Engineering University,Zhengzhou 450004,China
  • Received:2007-08-15 Revised:2007-11-19 Online:2008-05-21 Published:2008-05-21
  • Contact: YAO Hui

摘要: 自动信任协商是跨多安全域的实体间建立信任关系的一种新方法,协商策略规定了协商过程中信任凭证和访问控制策略的披露方式。针对目前的研究中没有区分凭证的敏感度的问题,引入凭证权重的概念,设计了一种基于带权重的树的协商策略,采取局部取优的思想,每次在访问控制策略可选的情况下选取最小权重的凭证进行披露,直至协商成功或失败。经证明,该策略安全、完备且高效。

关键词: 自动信任协商, 协商策略, 信任凭证, 访问控制策略

Abstract: Automated Trust Negotiation is a new approach to establish trust relationship between strangers of different security domains on the network.The negotiation strategy specifies how the negotiation process executes and determines the exchanges of credentials and access control policies.Most research on negotiation strategy treat all credentials with the same sensitivity.The credential weight is introduced to solve the problem.A strategy based on the tree with weight is designed under the idea of local optimization.The entity will always choose the credential with the lowest weight to request for disclose until the negotiation ends with success or failure.The strategy is proved to be safe,complete and efficient.

Key words: Automated Trust Negotiation(ATN), negotiation strategy, credential, access control policy