微信服务号

微信订阅号

2025-4-8- 8
Home > Archive>Volume 18, Issue 8, 2007 >1958-1967
PDF HTML XML Export Cite reminder
A Trustworthiness Based Ad-Hoc Secure Interoperation Method
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [22]
    • |
  • Related
    • |
  • Cited by
    • | |
  • Comments
    Abstract:

    A trustworthiness-based ad-hoc secure interoperation method is proposed, in which the concept of trustworthiness is introduced to describe the probability of proper collaboration. The trustworthiness of an autonomic domain on a user is decided jointly by direct experiences of interactions and other domains’ assessments on the user. Only the users who satisfy the requirements of target domains’ trust policies have the privileges to access entry roles. Records of a user’s malicious actions will decrease his trustworthiness and then accordingly reduce his privileges. Target domain uses weighted majority algorithm to update recommender’s trustworthiness, which is reduced by unfair ratings. Experimental results show that this method can effectively resist cheating and malicious actions.

    Reference
    [1]Sandhu R,Coyne E,Feinstein H,Youman C.Role-Based access control models.IEEE Computer,1996,29(2):38-47.
    [2]Shafiq B.Access control management and security in multi-domain collaborative environments[Ph.D.Thesis].West Lafayette:Purdue University,2006.
    [3]Brewer D,Nash M.The Chinese wall security policy.In:Proc.of the IEEE Symp.on Security and Privacy.Oakland:IEEE Computer Society Press,1989.206-214.
    [4]Shehab M,Bertino E,Ghafoor A.Secure collaboration in mediator-free environments.In:Meadows C,Syverson P,eds.Proc.of the 12th ACM Conf.on Computer and Communications Security.Alexandria:ACM Press,2005.58-67.
    [5]Shehab M,Bertino E,Ghafoor A.SERAT:Secure role mapping technique for decentralized secure interoperability.In:Ferrari E,Ahn GJ,eds.Proc.of the ACM Symp.on Access Control Models and Technologies.Stockholm:ACM Press,2005.159-167.
    [6]Gong L,Qian X.The complexity and composability of secure interoperation.In:Proc.of the IEEE Symp.on Security and Privacy.Washington:IEEE Computer Society,1994.190-200.
    [7]Gong L,Qian X.Computational issues in secure interoperation.IEEE Trans.on Software and Engineering,1996,22(1):43-52.
    [8]Dawson S,Qian S,Samarati P.Providing security and interoperation of heterogeneous systems.Distributed Parallel Databases,2000,8(1):119-145.
    [9]Bonatti P,di Vimercati SDC,Samarati P.An algebra for composing access control policies.ACM Trans.on Information and System Security,2002,5(1):1-35.
    [10]Shafiq B,Joshi JB,Bertino E,Ghafoor A.Secure interoperation in a multi-domain environment employing RBAC policies.IEEE Trans.on Knowledge and Data Engineering,2005,17(11):1557-1577.
    [11]Zhang Y,Zhang WY,Li XX,Huai JP.Secure access control for group communication on multi-autonomous domains collaborative environment.Journal of Computer Research and Development,2005,42(9):l558-1563 (in Chinese with English abstract).
    [12]Shehab M,Bertino E,Ghafoor A.Workflow authorization in mediator-free environments.Int'l Journal of Security and Networks,2006,1(1/2):2-12.
    [13]Chakraborty S,Ray I.TrustBAC-Integrating trust relationships into the RBAC model for access control in open systems.In:Ferraiolo DF,Ray I,eds.Proc.of the ACM Symp.on Access Control Models and Technologies.Lake Tahoe:ACM Press,2006.49-58.
    [14]Beth T,Borcherding M,Klein B.Valuation of trust in open network.In:Gollmann D,ed.Proc.of the European Symp.on Research in Security (ESORICS).Brighton:Springer-Verlag,1994.3-18.
    [15]Abdul-Rahman A,Hailes S.A distributed trust model.In:Proc.of the 1997 New Security Paradigms Workshop.Langdale:ACM Press,1997.48-60.
    [16]Jφsang A.An algebra for assessing trust in certification chains.In:Kochmar J,ed.Proc.of the Network and Distributed Systems Security Symposium (NDSS'99).San Diego:Internet Society,1999.
    [17]Whitby A,Jφsang A,Indulska J.Filtering out unfair ratings in Bayesian reputation systems.The Icfain Journal of Management Research,2005,4(2):48-64.
    [18]Osborn SL,Sandhu R,Munawer Q.Configuring role-based access control to enforce mandatory and discretionary access control policies.ACM Trans.on Information and System Security,2000,3(2):85-106.
    [19]Littlestone N,Warmuth M.The weighted majority algorithm.Information and Computation,1994,108(2):212-261.
    [20]Jφsang A,Haller J.Dirichlet reputation systems.In:Tjoa AM,Xhafa F,eds.Proc.of the 2nd Int'l Conf.on Availability,Reliability and Security (ARES 2007).Barcelona:IEEE Computer Society,2007.112-119.
    [21]Shi JQ.A trust model with statistical foundation[MS.Thesis].Ottawa:University of Ottawa,2005.
    [11]张煜,张文燚,李先贤,怀进鹏.多自治域协同环境中群组通信的安全访问控制.计算机研究与发展,2005,42(9):l558-1563.
    Related
    Cited by
    Comments
    Comments
    分享到微博
    Submit
Get Citation

刘伟,蔡嘉勇,贺也平.一种基于信任度的自组安全互操作方法.软件学报,2007,18(8):1958-1967

Copy
Share
Article Metrics
  • Abstract:7198
  • PDF: 7369
  • HTML: 0
  • Cited by: 0
History
  • Received:March 01,2007
  • Revised:May 31,2007
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2033884Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063