iTrust 2004: Trust Management pp 191-205
Towards Dynamic Security Perimeters for Virtual Collaborative Networks
Abstract
Rapid technological advancements capitalising on the convergence of information (middleware) and communication (network) technologies now enable open application-to-application communication and bring about the prospect of ad hoc integration of systems across organisational boundaries to support collaborations that may last for a single transaction or evolve dynamically over a longer period. Architectures for managing networks of collaborating peers in such environments face new security and trust management challenges. In this paper we will introduce the basic elements of such an architecture emphasising trust establishment, secure collaboration, distributed monitoring and performance assessment issues.
Keywords
Security Policy, Trust Management, Network Entity, Application Service Provider, Attribute Certificate