IEEE
TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING - FEBRUARY 2012
Technology - Available in Android & J2EE
Technology - Available in Android & J2EE
Abstract—Trust Negotiation has shown to be a
successful, policy-driven approach for automated trust establishment, through
the release of digital credentials. Current real
applications require new flexible approaches to trust negotiations, especially
in light of the widespread use of mobile devices. In this paper, we
present a multisession dependable approach to trust negotiations. The
proposed framework supports voluntary and unpredicted interruptions,
enabling the negotiating parties to complete the negotiation
despite temporary unavailability of resources. Our protocols address
issues related to validity, temporary loss of data, and
extended unavailability of one of the two negotiators. A peer is able to
suspend an ongoing negotiation and resume it with another (authenticated)
peer. Negotiation portions and intermediate states can be safely and privately
passed among peers, to guarantee the stability needed to continue
suspended negotiations. We present a detailed analysis showing that our
protocols have several key properties, including validity, correctness,
and minimality. Also, we show how our negotiation protocol can withstand the
most significant attacks. As by our complexity analysis, the introduction
of the suspension and recovery procedures and mobile negotiations does not
significantly increase the complexity of ordinary negotiations. Our protocols
require a constant number of messages whose size linearly depend on the
portion of trust negotiation that has been carried before the suspensions.
No comments:
Post a Comment