Enhancing access control for mobile devices with an agnostic trust negotiation decision engine

  • Daniel Díaz-Sánchez
  • Andrés Marín
  • Florina Almenárez
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 245)

Abstract

Dynamic open environments demand trust negotiation systems for unknown entities willing to communicate. A security context has to be negotiated gradually, on a fair peer-to-peer basis, depending on the security level demanded by the application. Trust negotiation engines are driven by decision engines that lack flexibility: they depend on the implementation, policy languages or credential types to be used. In this paper we present an agnostic engine able to combine all that information regardless of its origin or language, making it possible to select the policies or requirements, credentials and resources to disclose according to user preferences and context, using iterative weighted Multidimensional Scaling to assist a mobile device during a trust negotiation.

Keywords

trust negotiation, access control, flexible


Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Daniel Díaz-Sánchez (1)
  • Andrés Marín (1)
  • Florina Almenárez (1)
  1. Telematic Engineering Department, Carlos III University of Madrid, Avda, Leganés (Madrid), Spain
