Distributed Authorization by Multiparty Trust Negotiation

نویسندگان

  • Charles C. Zhang
  • Marianne Winslett
چکیده

Automated trust negotiation (ATN) is a promising approach to establishing trust between two entities without any prior knowledge of each other. However, real-world authorization processes often involve online input from third parties, which ATN does not support. In this paper, we introduce multiparty trust negotiation (MTN) as a new approach to distributed authorization. We define a Datalog-based policy language, Distributed Authorization and Release Control Logic (DARCL), to specify both authorization and release control policies. DARCL suits the needs of MTN and can also serve as a powerful general-purpose policy language for authorization. To orchestrate the negotiation process among multiple parties without a centralized moderator, we propose the diffusion negotiation protocol, a set of message-passing conventions that allows parties to carry out a negotiation in a distributed fashion. Building on top of the diffusion negotiation protocol, we propose two negotiation strategies, both safe and complete, to drive MTN with different tradeoffs between privacy and negotiation speed.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Multiparty Trust Negotiation: A New Approach to Distributed Authorization

Automated trust negotiation (ATN) is a promising approach to establishing trust between two entities without any prior knowledge of each other. However, real-world authorization processes often involve online input from third parties, which ATN does not support. In this paper, we introduce multiparty trust negotiation (MTN) as a new approach to distributed authorization. We define a Datalog-bas...

متن کامل

Towards Standards-Compliant Trust Negotiation for Web

Web services are a powerful distributed computing abstraction in that they enable users to develop workflows that incorporate data and information processing services located in multiple organizational domains. Fully realizing the potential of this computing paradigm requires a flexible authorization mechanism that can function correctly without a priori knowledge of the users in the system. Tr...

متن کامل

Towards Standards-Compliant Trust Negotiation for Web Services (Extended Version)∗

Web services are a powerful distributed computing abstraction in that they enable users to develop workflows that incorporate data and information processing services located in multiple organizational domains. Fully realizing the potential of this computing paradigm requires a flexible authorization mechanism that can function correctly without a priori knowledge of the users in the system. Tr...

متن کامل

Previous and Ongoing Work

Broadly speaking, my research interests lie at the intersection of the computer security, privacy, and distributed systems disciplines. In particular, I am interested in systems that facilitate secure interactions across multiple security domains while still preserving each individual’s privacy and autonomy. For my dissertation, I have focused mainly on the systems challenges surrounding the ad...

متن کامل

Towards Standards-Compliant Trust Negotiation for Web Services

Web services are a powerful distributed computing abstraction in that they enable users to develop workflows that incorporate data and information processing services located in multiple organizational domains. Fully realizing the potential of this computing paradigm requires a flexible authorization mechanism that can function correctly without a priori knowledge of the users in the system. Tr...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008