Security in Distributed Collaborative Environments: Limitations and Solutions

Chapter
First Online:
Part of the Advanced Information and Knowledge Processing book series (AI&KP)

Abstract

The main goal of establishing collaboration between heterogeneous environment is to create such as Pervasive context which provide nomadic users with ubiquitous access to digital information and surrounding resources. However, the constraints of mobility and heterogeneity arise a number of crucial issues related to security, especially authentication access control and privacy. First of all, in this chapter we explore the trust paradigm, specially the transitive capability to enable a trust peer to peer collaboration. In this manner, when each organization sets its own security policy to recognize (authenticate) users members of a trusted community and provide them a local access (access control), the trust transitivity between peers will allows users to gain a broad, larger and controlled access inside the pervasive environment. Next, we study the problem of user’s privacy. In fact in pervasive and ubiquitous environments, nomadic users gather and exchange certificates or credential which providing them rights to access by transitivity unknown and trusted environments. These signed documents embeds increasing number of attribute that require to be filtered according to such contextual situation. In this chapter, we propose a new morph signature enabling each certificate owner to preserve his privacy by discloses or blinds some sensitive attributes according to faced situation.

Keywords

Access Control Bezier Curve Role Base Access Control Home Site Pervasive Environment 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in to check access.

References

  1. 1.
    A. Abdul-Rahman and S. Hailes. A distributed Trust Model. The ACM Workshop on New Security Paradigms, pp 48–60, Sep 1997.Google Scholar
  2. 2.
    Abdul-Rahman A., Hailes S. Supporting Trust in Virtual Communities. Hawaii Int. Conference on System Sciences, January 2000.Google Scholar
  3. 3.
    A. Abou El Kalam, R. El Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Mige, C. Saurel, and G. Trouessin, Organization Based Access Control. IEEE 4th International Workshop on Policies for Distributed Systems and Networks. pp 120–131, Jun 2003.Google Scholar
  4. 4.
    M. Al-Kahtani and R. Sandhu, A Model for Attribute-Based User-Role Assignment. The 18th Annual Computer Security Applications Conference, pp 353, Dec 2002.Google Scholar
  5. 5.
    F. Almenarez, A. Marin, C. Campo, C. Garcia-Rubio. PTM: A Pervasive Trust Management Model for Dynamic Open Environments. In Proc. of the First Workshop on Pervasive Security, Privacy and Trust, PSP’04 in conjuntion with Mobiquitous 2004. Boston, MA, USA, August, 2004.Google Scholar
  6. 6.
    F. Almenarez, A. Marin, C. Campo, C. Garcia-Rubio. TrustAC: Trust-Based Access Control for Pervasive Devices. Security in Pervasive Computing: Second International Conference, SPC 2005, Boppard, Germany, April 6–8, 2005.Google Scholar
  7. 7.
    F. Almenarez, A. Marin, D. Diaz, and J. Sanchez, Developing a Model for Trust Management in Pervasive Devices. In Proc. of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications, 13–17 March, 2006.Google Scholar
  8. 8.
    Bernard Barber. The Logic and Limits of Trust. Rutgers University Press, NJ, USA, 1983.Google Scholar
  9. 9.
    M. Bartel, J. Boyer, B. Fox, B. LaMacchia, and E. Simon. XML-encryption syntax and processing. In W3C Recommendation. Feb 2002. http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
  10. 10.
    D. E. Bell.A Refinement of the Mathematical Model. Technical Report ESD-TR-278 vol. 3, The Mitre Corp., Bedford, MA, 1973.Google Scholar
  11. 11.
    E. Bertino E, P. A. Bonatti, and E. Ferrari, TRBAC: A temporal role based access control model. The fifth ACM workshop on Role-based access control, pp 21–30, Jul 2000.Google Scholar
  12. 12.
    Elisa Bertino, Elena Ferrari, Anna Squicciarini. Trust-X: A Peer-to-Peer Framework for Trust Establishment. IEEE Transactions on Knowledge and Data Engineering, 2004.Google Scholar
  13. 13.
    T. Beth, M. Borcherding, and B. Klein. Valuation of Trust in Open Networks. The European Symposium on Research in Computer Security, Nov 1994.Google Scholar
  14. 14.
    Stefan Brands. A technical Overview of Digital Credentials. Research Report, Feb 2002.Google Scholar
  15. 15.
    L. Bull, P. Stanski, and D. M. Squire. Content extraction signatures using XML digital signatures and custom transforms on-demand. In Proceedings of the 12th international Conference on World Wide Web pages 170–177. May 2003.Google Scholar
  16. 16.
    L. Bussard, Y. Roudier, R. Kilian-Kehr, S. Crosta. Trust and Authorization in Pervasive B2E Scenarios. 6th Information Security Conference, Oct 2003.Google Scholar
  17. 17.
    Licia Capra. Engineering Human Trust in Mobile System Collaborations. In Proc. of the 12th International Symposium on the Foundations of Software Engineering (SIGSOFT 2004), pp. 107–116, November 2004.Google Scholar
  18. 18.
    L. Capra and M. Musolesi. Autonomic Trust Prediction for Pervasive Systems. In Proc. of IEEE International Workshop on Trusted and Autonomic Computing Systems (TACS-06), in conjunction with 20th IEEE International Conference on Advanced Information Networking and Applications (AINA 2006), April 2006.Google Scholar
  19. 19.
    Marco Carbone, Mogens Nielsen, and Vladimiro Sassone. A Formal Model for Trust in Dynamic Networks. BRICS Report RS-03-4, 2003.Google Scholar
  20. 20.
    Catholijn M. Jonker and Jan Treur. Formal Analysis of Models for the Dynamics of Trust Based on Experiences. In Proc. of the 9th European Workshop on Modelling Autonomous Agents in a Multi-Agent World, 1999.Google Scholar
  21. 21.
    D. Chadwick and A. Otenko, The PERMIS X.509 role based privilege management infrastructure. The seventh ACM symposium on Access control models and technologies, pp 135–140, 2002.Google Scholar
  22. 22.
    Challenge-response authentication From Wikipedia, the free encyclopedia. http://en.wikipedia.org/wiki/Challenge-response_authentication
  23. 23.
    James Coleman. Foundations of Social Theory. Harvard University Press, 1990.Google Scholar
  24. 24.
    Francis Fukuyama. Trust: The Social Virtues and the Creation of Prosperity. Free Press, 1995.Google Scholar
  25. 25.
    N. S. Glance, D. Arregui, and M. Dardenne. Making recommender systems work for organizations. International Conference on Practical Application of Intelligent Agents and Multi-Agents (PAAM), Apr 1999.Google Scholar
  26. 26.
    R. Guha, Ravi Kumar, Prabhakar Raghavan, and Andrew Tomkins. Propagation of Trust and Distrust. In Proceedings of the International World Wide Web Conference, 2004 (WWW2004).Google Scholar
  27. 27.
    M. H. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in Operating Systems. Communications of the ACM, 19(8):461–471, 1976.MathSciNetMATHCrossRefGoogle Scholar
  28. 28.
    D. Harrison McKnight, Vivek Choudhury and Charles Kacmar. Developing and Validating Trust Measures for e-Commerce: An Integrative Typology. Information Systems Research, September 2002.Google Scholar
  29. 29.
    ITU-T Simple public key infrastructure (SPKI) charter, http://www.ietf.org/html.charters/OLD/spki-charter.html.
  30. 30.
    ITU-T Rec. X.509 (2000). ISO/IEC 9594-8 The Directory: Authentication Framework.Google Scholar
  31. 31.
    ITU-T Rec. X.680 (2002) ISO/IEC 8824-1:2002, http://asn1.elibel.tm.fr/en/standards/index.htm
  32. 32.
    R. Johnson, D. Molnar, D. Song and D. Wagner, Homomorphic signature schemes, Proceeding in Cryptology - CT-RSA 2002, ed. B. Preneel, LNCS 2271, pp. 244–262, 2002.Google Scholar
  33. 33.
    L. Kagal, T. Finin, A. Joshi. Trust-Based Security in Pervasive Computing Environments. IEEE Computer, 34(12)154–157, Dec 2001.CrossRefGoogle Scholar
  34. 34.
    L. Kagal, T. Finin and Y. Peng, A Delegation Based Model for Distributed Trust. Workshop on Autonomy, Delegation, and Control: Interacting with Autonomous Agents, pp 73–80, Aug 2001.Google Scholar
  35. 35.
    R. E. Kalman. A New Approach to Linear Filtering and Prediction Problems. Transactions of the ASME - Journal of Basic Engineering, 82(Series D):35-45, 1960.CrossRefGoogle Scholar
  36. 36.
    R. Levien and A. Aiken. Attack Resistant Trust Metrics for Public Key Certification. In Proc. of the 7th USENIX Security Symposium, pp. 265 -298, January 1998.Google Scholar
  37. 37.
    M. Lorch, D. Adams, D. Kafura, et al. The PRIMA System for Privilege Management, Authorization and Enforcement. In Proceedings of the 4th International Workshop on Grid Computing, Nov 2003.Google Scholar
  38. 38.
    Niklas Luhmann. Trust and Power. Wiley, Chichester, England, 1979.Google Scholar
  39. 39.
    Marsh, S. Formalising Trust as a Computational Concept. Ph.D. Thesis. Department of Mathematics and Computer Science, University of Stirling, Scotland, UK. 1994.Google Scholar
  40. 40.
    S. P. Marsh. Formalising Trust as a Computational Concept. PhD thesis, University of Stirling, Apr 1994.Google Scholar
  41. 41.
    S. Micali and R. Rivest L. 2002. Transitive Signature Schemes. In Proceedings of the the Cryptographer’s Track At the RSA Conference on Topics in Cryptology, Computer Science, vol. 2271. pp 236–243, Feb 2003.MathSciNetGoogle Scholar
  42. 42.
    X. Orri, J. M. Mas, SPKI-XML Certificate Structure Internet-Draft, Octalis SA, Nov 2001. http://www.ietf.org/internetdrafts/draft-orri-spki-xml-cert-struc-00.txt
  43. 43.
    L. Pearlman, V. Welch, I. Foster, C. Kesselman, and S. Tuecke. A Community Authorization Service for Group Collaboration. IEEE 3rd International Workshop on Policies for Distributed Systems and Networks, Jun 2002.Google Scholar
  44. 44.
    R. Saadi, J. M. Pierson, L. Brunie. (Dis)trust Certification Model for Large Access in Pervasive Environment. JPCC International Journal of Pervasive Computing and Communications. Volume 1, Issue 4, pp 289–299. Oct 2005.CrossRefGoogle Scholar
  45. 45.
    Rachid Saadi, Jean-Marc Pierson and Lionel Brunie. Context Adapted Certificate Using Morph Template Signature for Pervasive Environments. The International Symposium on Ubiquitous Computing Systems (UCS 2007), Nov 2007.Google Scholar
  46. 46.
    R. Sandhu, E. J. Coyne, H. L. Feinstein, and al. Role-Based Access Control Models. IEEE Computer, 29(2):38–47, 1996.CrossRefGoogle Scholar
  47. 47.
    Sant, P. and Maple, C. A Graph Theoretic Framework for Trust - From Local to Global. Information Visualization, July 2006.Google Scholar
  48. 48.
    Dana S. Scott. Domains for Denotational Semantics. ICALP ’82 - LNCS, 140, 1982.Google Scholar
  49. 49.
    Shibboleth, url : “http://shibboleth.internet2.edu”.
  50. 50.
    L. Seitz, J. M. Pierson and L. Brunie. Semantic Access Control for Medical Applications in Grid Environments. A International Conference on Parallel and Distributed Computing, pp 374–383, Aug 2003 Shibboleth, url : “http://shibboleth.internet2.edu”.
  51. 51.
    N. Shankar, W. Arbaugh. On Trust for Ubiquitous Computing. Workshop on Security in Ubiquitous Computing, Sep 2004.Google Scholar
  52. 52.
    Shibboleth architecture, technical overview, url: “http://shibboleth.internet2.edu/docs/draft-mace-shibboleth-tech-overview-latest.pdf”.
  53. 53.
    R. Steinfeld, L. Bull and Y. Zheng; Content Extraction Signatures. In Proceedings of 4th International Conference of Information Security and Cryptology. pages 285–2004. Dec 2001.Google Scholar
  54. 54.
    M. R. Thompson, A. Essiari, and S. Mudumbai 2003. Certificate-based authorization policy in a PKI environment. ACM Trans. Inf. Syst. Secur. 6, 4, pp 566–588, Nov 2003.CrossRefGoogle Scholar
  55. 55.
    J. Watt and O. Ajayi and J. Jiang and J. Koetsier and R. O. Sinnott. A Shibboleth-Protected Privilege Management Infrastructure for e-Science Education, The Sixth IEEE International Symposium on Cluster Computing and the Grid, pp 357–364, 2006.Google Scholar
  56. 56.
    V. Welch, F. Siebenlist, I. Foster, J. Bresnahan, K. Czajkowski, J. Gawor, C. Kesselman, S. Meder, L. Pearlman, S. Tuecke. Security for Grid Services. Twelfth International Symposium on High Performance Distributed Computing, Jun 2003.Google Scholar
  57. 57.
    M. Winslett, T. Yu, K. E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, L. Yu, Negotiating trust in the Web. IEEE Internet Computing, Nov/Dec 2002.Google Scholar
  58. 58.
    P. R. Zimmermann. The Official PGP User’s Guide. MIT Press, Cambridge, MA, USA, 1995.Google Scholar

Copyright information

© Springer-Verlag London Limited 2010

Authors and Affiliations

  • Rachid Saadi
    • 1
  • Jean-Marc Pierson
    • 2
  • Lionel Brunie
    • 1
  1. 1.LIRIS LabINSA de LyonLyonFrance
  2. 2.IRIT LabUniversity Paul Sabatier ToulouseToulouseFrance

Personalised recommendations