Skip to main content
SpringerLink
Log in

A Formal Framework for Expressing Trust Negotiation in the Ubiquitous Computing Environment

  • Conference paper
Ubiquitous Intelligence and Computing (UIC 2008)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5061))

Included in the following conference series:

Abstract

There are lots of entities in the ubiquitous computing environment. For the traditional public key Infrastructure (PKI), every entity should be signed a valid certificate by the certificate authentication center. However, it’s hard to construct a centralized trust management framework and assign a valid certificate for every entity in the ubiquitous computing environment because of large numbers of dynamic entities. Trust negotiation (TN) is an important means to establish trust between strangers in ubiquitous computing systems through the exchange of digital credentials and mobile access control policies specifying what combinations of credentials a stranger must submit. Current existing TN technologies, such as TrustBuilder and KeyNote, focused on how to solve a certain problem by using some special techniques. In this paper, we present a formal framework for expressing trust negotiation. The framework specifies the basic concepts, elements and the semantics of TN. By analyzing TN, we point out how to build a TN system in practice.

The project is supported by National Natural Science Foundation of China under Grant No. 60503040.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Xin, L.L., Min, C.W., Lian, H.S.: Realizing Mandatory Access Control in Role-Based Security System. Journal of Software 11(10), 1320–1325 (2000) (in Chinese with English abstract)

    Google Scholar 

  2. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)

    Google Scholar 

  3. Liao, Z.S., Jin, H., Li, C.S., Zou, D.Q.: Automated trust negotiation and its development trend. Journal of Software 17(9), 1933–1948 (2006) (in Chinese with English abstract)

    Google Scholar 

  4. Winsborough, W.H., Li, N.: Towards practical automated trust negotiation. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks, pp. 92–103. IEEE Computer Society Press, Los Alamitos (2002)

    Chapter  Google Scholar 

  5. Jin, H., Liao, Z.S., Zou, D.Q., Qiang, W.Z.: A new approach to hide policy for automated trust negotiation. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S.-i. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 168–178. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Trusted Computer System Evaluation Criteria. America Department of Defense, CSC-STD-001-93 (1983)

    Google Scholar 

  7. Seamons, K.E., Winslett, M., Yu, T., Smith, B., Child, E., Jacobson, J., Mills, H., Yu, L.: Requirements for Policy languages for Trust Negotiation. In: Proceeding of 3rd IEEE Intel Workshop on Policies for Distributed Systems and Networks, pp. 68–79. IEEE Computer Society Press, Los Alamitos (2002)

    Chapter  Google Scholar 

  8. The TrustBuilder Porject, http://isrl.cs.byu.edu/

  9. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceeding of the 17th symposium on Security and Privacy, pp. 164–173. IEEE CS Press, Los Alamitos (1996)

    Google Scholar 

  10. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote Trust-Management System (Version 2). IETF RFC 2704 (September 1999)

    Google Scholar 

  11. Blaze, M., Feigenbaum, J., Strauss, M.: Compliance checking in the Poliymaker Trust Management System. In: Proceeding of 2nd Financial Crypto Conference, pp. 205–216. IEEE Press, Los Alamitos (1998)

    Google Scholar 

  12. Jim, T.: SD3: a trust management system with certificate evaluation. In: Proceeding of the 2001 IEEE Symposium on Security and Privacy, pp. 106–115. IEEE CS Press, Los Alamitos (2001)

    Google Scholar 

  13. Yu, T., Ma, X., Winslett, M.: PRUNES: An Efficient and Complete Strategy for Automated Trust Negotiation over the Internet. In: Proceeding of the 2000 ACM Conference on Computer and Communications Security, pp. 88–97. ACM Press, New York (2000)

    Google Scholar 

  14. Bertino, E., Ferrari, E., Squicciarini, A.: Trust-X: A peer to peer framework for trust negotiations. In: Proceeding of IEEE Transaction on Knowledge and Data Engineering, pp. 132–138. IEEE CS Press, Los Alamitos (2004)

    Google Scholar 

  15. Li, N., Du, W., Boneh, D.: Oblivious signature-based envelope. In: Proceeding of the 22nd ACM Symposium on Principles of Distributed Computing, pp. 182–189. ACM Press, New York (2003)

    Google Scholar 

  16. Holt, J.E., Bradshaw, R., Seamons, K.E., Orman, H.: Hidden credentials. In: Proceedings of 2nd ACM Workshop on Privacy in the Electronic Society, pp. 1–8. ACM Press, New York (2003)

    Chapter  Google Scholar 

  17. Bradshaw, R.W., Holt, J.E., Seamons, K.E.: Concealing Complex Policies with Hidden Credentials. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 245–253. ACM Press, New York (2004)

    Google Scholar 

  18. Frikken, K., Atallah, M., Li, J.: Hidden Access Control Policies with Hidden Credentials. In: Proceedings of the 3rd ACM Workshop on Privacy in the Electronic Society, pp. 130–131. ACM Press, New York (2004)

    Google Scholar 

  19. Li, J., Li, N.: OACerts: Oblivious Attribute Certificates. In: Proceeding of 3rd Conference on Applied Cryptography and Network Security, pp. 108–121. ACM Press, New York (2003)

    Google Scholar 

  20. Johannes, B., Seifert, J.P.: Fault Based Cryptanalysis of the Advanced Encryption Standard (AES). In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 162–181. Springer, Heidelberg (2003)

    Google Scholar 

  21. Ferguson, N., Kelsey, J., et al.: Improved Cryptanalysis of Rijndael. In: Proceedings of 7th International Workshop of Fast Software Encryption, vol. 1987, pp. 136–141. Springer, Heidelberg (2001)

    Google Scholar 

  22. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public key crytosystems. Communications of the ACM, 120–126 (1978)

    Google Scholar 

  23. Gura, N., Eberle, H., Shantz, S.C.: Generic implementations of elliptic curve cryptography using partial reduction. In: Proceedings of the 9th ACM conference on Computer and Communications Security, pp. 177–189. ACM Press, New York (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, China

    Deqing Zou & Zhensong Liao

  2. Department of Computer Science and Engineering, Kyungnam University, Korea

    Jong Hyuk Park

  3. St. Francis Xavier University, Canada

    Laurence Tianruo Yang

  4. Division of Multimedia, Hannam University, Korea

    Tai-hoon Kim

Authors
  1. Deqing Zou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jong Hyuk Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Laurence Tianruo Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Zhensong Liao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Tai-hoon Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Frode Eika Sandnes Yan Zhang Chunming Rong Laurence T. Yang Jianhua Ma

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zou, D., Park, J.H., Yang, L.T., Liao, Z., Kim, Th. (2008). A Formal Framework for Expressing Trust Negotiation in the Ubiquitous Computing Environment. In: Sandnes, F.E., Zhang, Y., Rong, C., Yang, L.T., Ma, J. (eds) Ubiquitous Intelligence and Computing. UIC 2008. Lecture Notes in Computer Science, vol 5061. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69293-5_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69293-5_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69292-8

  • Online ISBN: 978-3-540-69293-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation