Advertisement

Synergy: A Policy-Driven, Trust-Aware Information Dissemination Framework

  • Ragib Hasan
  • Marianne Winslett
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3975)

Abstract

Information dissemination is of vital importance in today’s information-centric world. However, controlling the flow of information across multiple security domains is a problem. Most of the current solutions rely on prior knowledge of the users for authorization, which does not scale well. Also, many information sources have dynamic access control policies, which are hard to satisfy under existing schemes. In this paper, we present Synergy, a general purpose information sharing framework that uses trust negotiation to implement scalable authorization in an open environment. Synergy provides an abstraction for the information sources and consumers to accommodate new trust-aware systems as well as legacy systems. We also present a practical disaster management application that uses this framework.

Keywords

Policy Language Trust Management Access Control Policy Security Domain Resource Owner 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Becker, M., Sewell, P.: Cassandra: Distributed access control policies with tunable expressiveness. In: 5th IEEE Intl. Workshop on Policies for Distributed Systems and Networks (2004)Google Scholar
  2. 2.
    Bertino, E., Ferrari, E., Squicciarini, A.C.: Trust-X: a peer-to-peer framework for trust establishment. IEEE Trans. on Knowledge and Data Engineering 16(7) (2004)Google Scholar
  3. 3.
    Bina, E., McCool, R., Jones, V., Winslett, M.: Secure access to data over the internet. In: Proc. of the 3rd Intl. Conf. on Parallel and Distributed Information Systems (1994)Google Scholar
  4. 4.
    Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: Trust management for public-key infrastructures. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, p. 59. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Blaze, M., Feigenbaum, J., Lacey, J.: Decentralized trust management. In: Proc. IEEE Symp. on Security and Privacy (1996)Google Scholar
  6. 6.
    Bonatti, P., Samarati, P.: Regulating service access and information release on the web. In: Proc. of the 7th ACM Conf. on Computer and Communications Security (2000)Google Scholar
  7. 7.
    Chadwick, D., Otenko, S., Xu, W., Wu, Z.: Adding distributed trust management to Shibboleth. In: Proc. of the 4th Annual PKI Workshop. NIST (2005)Google Scholar
  8. 8.
    Hasan, R.: Synergy: A Policy-driven, Trust-aware Information Dissemination Framework. Masters Thesis, Dept. of Computer Science, University of Illinois at Urbana-Champaign (2005)Google Scholar
  9. 9.
    Herzberg, A., Mass, Y., Michaeli, J., Ravid, Y., Naor, D.: Access control meets public key infrastructure, or: Assigning roles to strangers. In: Proc. of the IEEE Symp. on Security and Privacy (2000)Google Scholar
  10. 10.
    Hughes, J., Maler, E., Lockhart, H., Wisniewki, T., Mishra, P., Ragouzis, N.: Technical overview of the OASIS security assertion markup language (SAML) v1.1. OASIS Open (2004)Google Scholar
  11. 11.
    Koshutanski, H., Massacci, F.: An interactive trust management and negotiation scheme. In: Proc. of the 1st Intl. Workshop on Formal Aspects in Security and Trust (2004)Google Scholar
  12. 12.
    Lee, A.: Traust: A Trust Negotiation Based Authorization Service for Open Systems. Masters Thesis, Dept. of Computer Science, University of Illinois at Urbana-Champaign (2005)Google Scholar
  13. 13.
    Li, N., Mitchell, J., Winsborough, W.: Design of a role-based trust management framework. In: Proc. of the IEEE Symp. on Security and Privacy (2002)Google Scholar
  14. 14.
    RESCUE Project. The RESCUE Project website, http://www.itr-rescue.org
  15. 15.
    Scavo, T., Cantor, S., Dors, N.: Shibboleth architecture technical overview (2005), http://shibboleth.internet2.edu/docs/draft-mace-shibboleth-tech-overview-latest.pdf
  16. 16.
    Seamons, K., Winslett, M., Yu, T., Smith, B., Child, E., Jacobson, J., Mills, H., Yu, L.: Requirements for policy languages for trust negotiation. In: 3rd IEEE Intl. Workshop on Policies for Distributed Systems and Networks (2002)Google Scholar
  17. 17.
    Winslett, M., Yu, T., Seamons, K.E., Hess, A., Jacobson, J., Jarvis, R., Smith, B., Yu, L.: Negotiating trust on the web. IEEE Internet Computing 6(6) (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Ragib Hasan
    • 1
  • Marianne Winslett
    • 1
  1. 1.Department of Computer ScienceUniversity of Illinois at Urbana-Champaign 

Personalised recommendations