IJSER Home >> Journal >> IJSER
International Journal of Scientific and Engineering Research
ISSN Online 2229-5518
ISSN Print: 2229-5518 3    
Website: http://www.ijser.org
scirp IJSER >> Volume 2, Issue 3, March 2011 Edition
Trust Enhanced Authorization for Distributed Systems
Full Text(PDF, 3000)  PP.  
Author(s)
Priyanka Dadhich, Dr. Kamlesh Dutta, Dr. M.C.Govil
KEYWORDS
Distributed, trust management, trusted computing, trust enhanced security, subjective trust
ABSTRACT
The trust management approach to distributed system security is developed as an answer to the inadequacy of traditional authorization mechanism. The subjective concept of trust not only enables users to better understand the paradigm of pervasive computing, but also opens new direction of research for solving existing problems such as security, management of online communities or e-services lifecycle .This paper specifies research issues in the areas of authorization and trust in distributed environments involving mobile networks, pervasive and ubiquitous computing networks . We here discuss the notion of trusted computing and examine existing authorization mechanisms and their inadequacies. Next we define a logic program based languages and policies that facilitate the modeling process.To the end various approaches to trust enhanced security for overall authorization security in distributed systems are discussed.
References
1. Heather, J., Hill, D.,:I’m Not Signing That! In Dimitrakos, T., MArtinelli, f., eds.: proceedings of the 1st Int’l Wksp on Formal Aspects in security and trust (FAST 2003), Pisa, Itlay(2003)71-81.

2. Ishaya, T., Mundy, D. P.:Trust development and management in virtual communities. In Trust Management : 2nd international conference ,itrust 2004, Oxford 2004.

3. Rindeback, C., Gustavsson, R.,: Why Trust is hard-Challenges in e-mediated services. In: Proceedings of the 7th Int’l wksp on Trust in Agent societies, New York, USA ,2004.

4. Lampson. B., Abadi, M., Burrows, M., Wobber, E.,: Authentication in distributed systems: theory and practice. ACM Trans. On Computer Science 10(4),1992.

5. Lampson. B., Abadi, M., Burrows, M., Plotkin, G.,: A calculus for access control in distributed systems. ACM Trans. On programming languages and systems 15(4),1993.

6. Jajodia, S., Samarati, P., Subrahmanian, V.S.: A logic language for expressing authorizations. In: Proc. IEEE Symp. On research in security and privacy, pp.31-42, 1997.

7. Maurer, U.,: Modelling a public key infrastructure. In : Martella, G., Kurth, H., Montolivo, E., Bertino, E.(eds) ESORICS 1996. LNCS, vol 1146 Springer , 1996.

8. Levien, R., Aiken, A.,: Attack –resistant trust metrics for public key certification. In: Proceedings of 7th USENIX security Symposium , 1998.

9. M. Blaze, J.Feigenbaum, J. Ioannidis and A. Keromytis. The KeyNote Trust-Management .Work in Progress, http:// www.cis.upenn.edu/angelos/keynote.html.

10. M. Blaze, J.Feigenbaum, J.Lacy. Decentralized Trust Management. In Proc. of the 17th Symposium on security and Privacy, pages 164-173. IEEE Computer Society Press, Los Alamitos,1996.

11. V. Varadharajan, C. Crall and J. Pato,” Authorization for Enterprise wide Distributed Systems” Proceedings of the IEEE Computer security Applications Conference, ACSA’ 98,1998 USA.

12. M. Hitchens and V. Varadharajan, “ower: A language for Role Based Access Control” proceedings of Int’l Wksp on Policies for Distributed Systems and Networks,UK , 2001pp 88-106.

13. S. Indrakanti, V. Varadharajan , M. Hitchens and R. Kumar,”Secure Authorizations for Web Services” Proceedings of the 17th IFIP Conference on Data and Applications Security, USA, 2003.

14. S. Jajodia, P. Samarati and V.S. Subrahmanian,” A Logical Language for Expressing Authorizations’, Proceedings of the IEEE Symposium on Security and Privacy, USA, 1997.

15. Y. Bai and V. Varadharajan ,’ A logic for State transformations in Authorization Policies’ Proceedings of the IEEE Computer Security Foundations Wksp, USA, 1997.

16. N. Damianou, N. Dulay, E. Lupu and M. Sloman,” the ponder Policy specification Language’, proceedings of Int’l Wksp on Policies for Distributed systems and networks, UK, 2001, pp 88- 106.

17. Chu, Y. H.., Feigenbaum, J., LaMacchia, B., Resnick , P., Strauss, M.: REFEREE: Trust Management for web Applications. Computer Networks and ISDN systems 29 (1997) 953-964.

18. Blaze, M., Feigenbaum, J., Keromytis, A. D..: KeyNote: Trust management for public-key infrastructures( position-paper) In: security protocols: 6th Int’l Wksp , Cambridge, UK, April 1998. Proceedings. Volume LNCS Springer- Verlag( 1998) 59-63.

19. T. Grandison and M. Sloman. A survey of trust in internet application. IEEE Communications Surveys, 2000.

20. T. Grandison and M. Sloman. Specifying and analyzing trust for Internet applications. In : proceedings of 2nd IFIP Conference on e-commerce, e-business , e- government 13e2002, Lisbon, Portugal 2002.

21. Tonti, G., Bradshaw, J. M., Jeffers, R., Montanari, R., Suri, N., Uszok, A.: Semantic web languages for policy representation and reasoning: A comparison of KAoS, Rei and Ponder. In: The Semantic Web – ISWC 2003. Vol LNCS 2870/2003.419- 437.

22. Damianou , N., Dulay, N., Lupu, E., Sloman, M.: The Ponder policy specification language. In: Wksp on Policies for Distributed System and Networks HP Labs Bristol 29-31 Jan 2001. Vol 1995, 2001.

23. Kagal, L., Finin, T., Joshi, A., : a policy language for a pervasive computing environment. In proceedings of tenth Knowledge Acquisition fpr knowledge-based system wksp,1995.

24. Uszok, A., Bradshaw, J. M., Jeffers, R. : KAoS: A Policy and domain services framework for grid computing and semantic web services. In: Trust Management : Second Int’l Conference, itrust 2004, Oxford, UK, March 29-April1, 2004. Proceedings. Volume LNCS 2995/(2004) 16-26.

25. Bradshaw, J. M..: KAoS: An open agent architecture supporting reuse, interoperability and extensibility . In : Proceedings of 10th Knowledge Acquisition for Knowledge-Based Systems Workshop(1995).

26. Dept. of Defense, “ trusted Computer System Evaluation Criteria”,(TCSEC), DoD5200.28 STD Dec. 198.

27. L. Kagal, T. Finin, A. Joshi. Trust based security in pervasive computing environments, Computer 34(2001) 154-157.

28. H. Zhu, F. Bao, R. H. Deng. Computing of trust in wireless networks, In: proceedings of IEEE 60 th Vehicular technology Conference 2004, pp 2621-2624.

29. T. Grandison and M. Sloman. A survey of trust in internet application. IEEE Communications Surveys, , 2000.

30. A. Josang . A logic for uncertain probabilities . Int’l journal of uncertainty, Fuzziness and knowledge based systems 2001.

31. G. Zacharia and P. Maes. Trust management through reputation mechanisms. Applied Artificial Intelligence,2000.

32. C. Castelfranchi and R. Falcone. Principles of trust for mas: cognitive anatomy , social importance and quantification. In Demazeau, y. (ed) proceedings of the 3rd int’l Conference on Multi- Agent systems, IEEE Computer Society, 1998.

33. C. Lin Trust Enhanced Security for MA, PhD thesis, Macquarie University, August 2006.

34. C. lin V. VAradharajan, Y. Wang and V. Pruthi. Trust enhanced security for MA. In 7th int’l IEEE conference on e-commerce technology 2005, IEEE Computer Society Press 2005.

35. B. Yu and M. Singh . A Social mechanisms of reputation management in electronic communities. In M. Klusch and L. Kerschberg, editors, CIA-2000 Wksp on Cooperative Information Agents, 1860 of LNAI, Springer, 2000.

36. B. Lampson, M. Abadi, M. Burrows and E. Wobber, Authentication in distributed systems:theory and practice. ACM Transactions on Computer Systems, 1992.

37. TCPA “ Trusted Computing Platform Alliance”, Building a trust in the PC, jan 2000, http://www.trustedcomputing.org(now known as trusted Computing Grpup, https://www.trustedcomputinggroup.org/home).

38. V. Varadharajan, “trust enhanced authorization and its applications”, 2005.

39. B. Balacheff et al.,“ trusted computing Platforms: TCPA Technology in context“, Prentice-Hall, 2003.Ramdomly---

40. M. Burrows, M. Abadi, R. Needham, a Logic of authentication, In: proceedings of the 12 th ACM symposium on Operating Systems Principles, 1989.

41. D. L. Hoffman, T. P. Novak, M. Peralta, Building consumer trust online, Communications of the ACM 1999.

42. Abdul-Rahman , A., Hailes,S.,: A Distributed Trust Model . In Proceedings , ACM New Security paradigmsWorkshop’97, Cumbria, UK 1997.

43. Wagealla, W., Carbone, M., English, C., Terzis, S., Nixon. P.: A formal model on trust lifecycle management. In : wksp on formal Aspects of security and trust (FAST 2003)at FM 2003. VOL IIT TR- 10/2003. IIT-CNR, Itlay 2003.

44. Resnick, P., Zeckhauser, R.,Friedman, E., Kuwabara, K.: reputation Systems. Communication of the ACM ,2000.

45. R Yahalom,B Klein and T Beth. Trust relationships in secure systems-a didtributed authentication perspective.Proceedings of IEEE Conference on Research in Security and Privacy,1993.

46. B.Lampson,M. Abadi,M. Burrows, and E.Wobber.Authentication in distributed systems: Theory and practice.ACm Transcations on Compuetr Systems,1992,10(4),pp.265-310.

47. Matt Blaze,Joan Feigenbaum,and Jack Lacy.Decentralised trust management .In Proceedings of the 1996 IEEE conference on security and privacy,Oakland,CA may,1996,pp.164-173

48. C.Lin,V.Varadharajan,”Trust Enhanced Security- A New Philosophy for Secure Collaboration of MobileAgents”Proceedings of the Workshop on Trusted Collaboration,part of Collaborate- Com2006,Atlanta,Georgia,USA.pp.17-20.

49. R. Yahalom, B. Klein ad T. Beth. Trust relationships in secure systems- a distributed authentication prospective. Proceedings of IEEE Conference on research in Security and Privacy, 1993.

Untitled Page