透過您的圖書館登入
IP:3.238.87.31
  • 學位論文

自動信任協商中政策指定和協商策略之研究

Research on Policy Assignments and Negotiation Strategies in Automated Trust Negotiation

指導教授 : 莊博任

摘要


自動信任協商(Automated Trust Negotiation)被提出以用於分散式系統架構之下進行存取控制以及認證之問題,其中心訴求是為了實現在多個虛擬組織之間的資源共享和協同運算,需要透過一種快速、有效的機制替數目龐大、動態分散的個體或組織之間建立信任關係,而服務之間的信任關係常常是動態建立、調整,需要依靠協商方式達成協同或資源共享的目的,並能維護服務的自制性、隱私性等安全需要。通訊雙方於協商過程中會透過指定的存取控制政策(Access Control Policy)來互相描述對方必須滿足的特徵,特徵通常是由憑據(Credential)構成,透過一連串的互相描述以及滿足,最後建立信任關係。 迄今為止,自動信任協商的研究方向包括基礎架構、存取控制政策和憑據、協商策略、協商協定、協商系統等等,本文著重於探討於信任協商當中存取控制政策的指定準則以及協商策略之研究。存取控制政策規範了欲存取受保護的資源所需滿足的憑據,但是為了避免跨領域間之政策一致性檢查機制過於複雜,因此對政策制定方式做出合理的約束是必要的,而僅透過制定政策的要求及表示政策的格式並未能真正為所有資源具體指定政策,而且政策指定須考量到權限問題,為了使自動信任協商能更明確執行,本文提出了一種專屬自動信任協商的、具體指定政策的準則,導入「權限分級」的概念。 另一方面,為了能夠使得建立信任關係的過程合理化,特定的協商策略便因應而生,在以往所提出的各種協商策略都各有其訴求,但是於運作模式的設計上仍有其缺陷存在,以Eager策略來說,其協商效率高,但是交握機制過程卻公開了與當次協商不相干的憑據,安全性令人堪憂;而PRUNES策略的安全性良好,但是由於其暴力回溯的概念,使得協商效率便相對緩慢。本文提出了一擷取所有協商策略的優勢並嘗試整合的混合型協商策略,以Parsimonious策略為基礎,保留其優勢,並加入了Eager與PRUNES的特性,且額外新增迭代計算來提升協商效率。於最後的實驗結果,證明本文所提出之協商策略確實兼顧了效能及安全性。

並列摘要


Automated trust negotiation is proposed to be used under the framework of distributed systems for the issues of access control and authentication. The most important demand is to achieve more resource sharing and collaborative computing between many virtual organizations. In order to implement the requirement, we need a fast and effective mechanism for the large number of dynamically distributed individuals or organizations to establish trust; in addition, the trust relationship between many network services often dynamically establish and adjust, so we need to rely on negotiation to achieve the purpose of collaboration or resource sharing and also can make maintenance of self-control, privacy and other security issues. Communicating parties in the negotiation process describe each other's characteristics that should be satisfied through the specified access control policies, and the characteristics usually consist of credentials. Via a series of descriptions and fulfillments, finally the two parties establish a mutual trust relationship. So far, the research of automated trust negotiation interests include infrastructure, access control policy and credentials, negotiation strategies, negotiation protocol, negotiation systems…etc., this article focuses on the research about the assignments of access control policies and the processes of negotiation strategies in the trust negotiation. Access control policies are assigned to regulate credentials that should be satisfied while accessing protected resources; however, in order to avoid that the policy consistency checking mechanism is too complex in the cross-region, it is necessary to make reasonable constraints for policy assignments. Nevertheless, it cannot really concretely assign policies for all the resources only through setting up the policy requirements and representing the policy format, and authority should be also considered in policy assignments. To make the automated trust negotiation be more specific implementation, this paper proposed proprietary and concrete policy assignments and implement them with the concept "classification authority". On the other hand, in order to make the process of establishing trust rationalization, a specific negotiation strategy will be proposed. In the past, a variety of proposed negotiation strategies had their own demands, but there are still several flaws for the design of the operation. For example, the Eager strategy, it has high efficiency, but the reason that it has disclosed irrelevant credentials in the handshake mechanism results in a poor security; the PRUNES, it has high security defense, but it makes low negotiation efficiency based on the concept of backtracking. In this paper, we retain the advantages of each of the negotiation strategy and try to integrate a hybrid negotiation strategy. Based on Parsimonious strategy, we have made a binding using the features of Eager and PRUNES strategies; in addition, we add iteration computing to improve the negotiation efficiency. In the experimental results, we have proved that the proposed hybrid negotiation strategy does take into account the performance and security.

參考文獻


[4] W. Winsborough, and N. Li, “Towards Practical Automated Trust Negotiation”, in Proc. of the Third International Workshop on Policies for Distributed Systems and Networks, 2002, pp. 92-103
[5] T. Yu, M. Winslett, and K. Seamons, “Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation”, in Proc. of ACM Trans. on Information and System Security, 2003, 1(6):1-42
[6] T. Yu, “Automated Trust Establishment in Open Systems [Ph.D. Thesis]”, Provo: Brigham Yang University, 2003
[7] R. Jarvis, “Protecting Sensitive Credential Content during Trust Negotiation [Master Thesis]”, Illinois: University of Illinois, 2003
[8] I. H. Katugampala, H. Yamaki, and Y. Yamaguchi, “Memory Complexity of Automated Trust Negotiation Strategies”, in Proc. of (PRIMA 2009), LNAI 5925, 2009, pp. 229-244

延伸閱讀