A Requirements-Driven Trust Framework for Secure Interoperation in Open Environments

  • Suroop Mohan Chandran
  • Korporn Panyim
  • James B. D. Joshi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3986)


A key challenge in emerging multi-domain open environments is the need to establish trust-based, loosely coupled partnerships between previously unknown domains. An efficient trust framework is essential to facilitate trust negotiation based on the service requirements of the partner domains. While several trust mechanisms have been proposed, none addresses how to integrate the trust mechanisms with the process of integrating the access control policies of partner domains to facilitate secure interoperation. In this paper, we propose a requirements-driven trust framework for secure interoperation in open environments. Our framework tightly integrates game-theory-based trust negotiation with service negotiation and policy mapping to ensure secure interoperation.


Service Requirement; Trust Level; Trust Establishment; Policy Mapping; Direct Trust
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Suroop Mohan Chandran (1)
  • Korporn Panyim (1)
  • James B. D. Joshi (1)
  1. Department of Information Sciences and Telecommunications, University of Pittsburgh, USA
