User-centric services might enforce requirements that are difficult for visited networks to endorse unless tightly coupled trust relations are previously established among providers. Maintaining those fixed trust relations is costly and becomes unmanageable as the number of providers increases. Moreover, it requires providers to use a common security model, credentials, policies… Trust negotiation can be the solution to this problem, since it allows a security state to be negotiated gradually, enabling multiple-factor authentication and authorization even for “strangers” by exchanging various credentials. However, there are still two problems to solve: the first is the delay introduced by the trust negotiation messages if used as bootstrapping in every interaction; the second is the lack of protocol support. In this article we address those problems by presenting an extension to TLS that enables trust negotiation and credential issuing (to speed up subsequent interactions) over a secure channel.
Keywords
- Mutual Authentication
- Message Authentication Code
- Protocol Message
- International Telecommunication Union
- Transport Layer Security
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2008 International Federation for Information Processing
Cite this paper
Díaz-Sánchez, D., Marín, A., Almenarez, F., Campo, C., Cortés, A., García-Rubio, C. (2008). Trust Negotiation Protocol Support for Secure Mobile Network Service Deployment. In: Mammeri, Z. (eds) Wireless and Mobile Networking. WMNC 2008. IFIP International Federation for Information Processing, vol 284. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-84839-6_22
DOI: https://doi.org/10.1007/978-0-387-84839-6_22
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-84838-9
Online ISBN: 978-0-387-84839-6
eBook Packages: Computer Science, Computer Science (R0)