Obligations of trust for privacy and confidentiality in distributed transactions

Purpose – This paper aims to describe a bilateral symmetric approach to authorization, privacy protection and obligation enforcement in distributed transactions. The authors introduce the concept of the obligation of trust (OoT) protocol as a privacy assurance and authorization mechanism that is built upon the XACML standard. The OoT allows two communicating parties to dynamically exchange their privacy and authorization requirements and capabilities, which the authors term a notification of obligation (NoB), as well as their commitments to fulfilling each other's requirements, which the authors term signed acceptance of obligations (SAO). The authors seek to describe some applicability of these concepts and to show how they can be integrated into distributed authorization systems for stricter privacy and confidentiality control. Design/methodology/approach – Existing access control and privacy protection systems are typically unilateral and provider-centric, in that the enterprise service provider assigns the access rights, makes the access control decisions, and determines the privacy policy. There is no negotiation between the client and the service provider about which access control or privacy policy to use. The authors adopt a symmetric, more user-centric approach to privacy protection and authorization, which treats the client and service provider as peers, in which both can stipulate their requirements and capabilities, and hence negotiate terms which are equally acceptable to both parties. Findings – The authors demonstrate how the obligation of trust protocol can be used in a number of different scenarios to improve upon the mechanisms that are currently available today. Practical implications – This approach will serve to increase trust in distributed transactions since each communicating party receives a difficult to repudiate digitally signed acceptance of obligations, in a standard language (XACML), which can be automatically enforced by their respective computing machinery. Originality/value – The paper adds to current research in trust negotiation, privacy protection and authorization by combining all three together into one set of standardized protocols. Furthermore, by providing hard to repudiate signed acceptance of obligations messages, this strengthens the legal case of the injured party should a dispute arise

D’Agents: Security in a Multiple-Language, Mobile-Agent System

Abstract. Mobile-agent systems must address three security issues: protecting an individual machine, protecting a group of machines, and protecting an agent. In this chapter, we discuss these three issues in the context of D’Agents, a mobile-agent system whose agents can be written in Tcl, Java and Scheme. (D’Agents was formerly known as Agent Tcl.) First we discuss mechanisms existing in D’Agents for protecting an individual machine: (1) cryptographic authentication of the agent’s owner, (2) resource managers that make policy decisions based on the owner’s identity, and (3) secure execution environments for each language that enforce the decisions of the resource managers. Then we discuss our planned market-based approach for protecting machine groups. Finally we consider several (partial) solutions for protecting an agent from a malicious machine.

Comparison and Alignment of Access Control Models

Turvasüsteemipoliitikat rakendatakse arvutis juurdepääsu kontrollimehhanismi kaudu. Juurdepääsu kontrollmehhanismi peamised kontrollid on konfidentsiaalsus, terviklikkus ja turvalisus. Juurdepääsu kontrollmehhanismi saab rakendada mistahes juurdepääsu kontrollmudelite kaudu. See on viis, kuidas volitamata kasutaja eest teavet või ressursse kaitsta, tagades juurdepääsu ainult volitatud kasutajale. On olemas erinevad juurdepääsu kontrollimudelid, kus kõik mudelid pole tänapäeva digitaalkeskkonnale piisavad. Seega tekib probleem ülesande lahendamisel, milline juurdepääsukontrolli mudel sobib teatud tüüpi mitme kasutaja infrastruktuuriga, millel on erinevad juurdepääsuvajadused. Juurdepääsu kontrollmudel erineb vastavalt keskkonnale. On olemas keskkond, mis annab juurdepääsu oma kasutajatele konkreetses võrgustikus ja keskkonnas, kus on kasutajaid, kes vahetavad võrke, et kasutada dünaamiliselt erinevaid ressursse. Seega on ressursside ja võrgu tõhusa kasutamise õige mudeli määramine keeruline, välja arvatud juhul, kui on võimalik olemasolevas mudelis kasutada vajalikke kontseptsioone, et muuta meie uus mudel paindlikumaks.Juurdepääsu kontrollimise standardid erinevate juurdepääsupõhiste õiguste haldamiseks on keerukad. Tekkivate tehnoloogiatega muutuvad süsteemi komponendid ajakohastatuks, seega on väljakutse leida sobiv ja paindlik juhtimismudel, mis vastab süsteemile. Isegi kui saadaval on erinevad juurdepääsukontrolli mudelid, on tõeline probleem leidmaks vajalikku juurdepääsu kontrollimehhanismi, mida saab kasutada meie uue juurdepääsukontrolli mudeli täiustamiseks, et turvaliselt juurde pääsedes ressursse tõhusalt kasutada.Lahenduseks on mõista juurdepääsu kontrollimudeli nõrku ja tugevaid omadusi, võrrelda erinevaid mudeleid ja viia nende parimad omadused kokku paindliku juurdepääsu kontrollimudeli koostamiseks. See saavutatakse süstemaatilise küsitluse abil, kus osalejad kinnitavad, et juurdepääsu kontrollimudelit saab mõista ja võrrelda kolme põhikomponendi: subjekti, poliitika ja objektiga, mille aluseks olevad põhimõtted, metamudelid ja kolme erineva juurdepääsu kontrollimudeli näitel.Erinevate juurdepääsukontrolli mudelite analüütiline võrdlus põhineb aruandel selle kohta, kuidas kasutajad sellega erinevatel juhtudel tegelevad. See uuring aitas saada erinevate inimeste arvamust reaalselt nii, et see empiiriline katsete läbiviimise viis suudaks leida tugevaid ja nõrgemaid tegureid. Lõpuks viiakse kõik tugevad tegureid kooskõlla uue paindliku juurdepääsukontrolli mudeli loomisega.Tulemus aitab võrrelda, uurida ja rakendada sobivat ja vajalikku juurdepääsu kontrollisüsteemile. See paneb meid mõtlema ka sellele, kuidas saab uut juurdepääsu kontrollisüsteemi analüüsida ja võrrelda olemasolevatega. Reaalajas vaatajaskonna abil saab selle väljund olla realistlik. Seda uurimustöö tulemust saab kasutada juurdepääsu kontrolli mudelite edasiseks täiustamiseks.Security system policies are implemented in the computer through access control mechanism. The primary controls that the access control mechanism possesses are confidentiality, integrity, and security. Access control mechanism can be applied through any of the access control models. It is is a way of protecting information or resources from the unauthorized user to provide access to authorized user. There exist different access control models in which all models are not adequate for today's digital environment. So, the problem arises in difficulty faced to choose which access control model suits well for a particular type of multi-user infrastructure with various access needs. Access control model differs according to the environment. There is an environment which grants access to its users within a particular network and for an environment which has users, who switch dynamically between different networks to access resources. Hence, determining the right model for the efficient use of resources and network is difficult, unless, there is a way to implement the needed concepts in our existing model as to make our new flexible model. Access control standards for managing different access privileges are complex to understand. With the emerging technologies, components of a system are getting updated, so, it will be a challenge to find out the suitable and flexible access control model that matches the system. Even though there are different access control model available, there is the real problem in finding out the needed access control mechanism which can be employed for the improvement of our new access control model for the efficient use of the resources to be accessed securely.The solution is to understand the weak and strong features of access control model by comparing different models and aligning their best features to compose into a flexible access control model. It is achieved with the help of systematic survey, where a group of audience validated that access control model can be understood and compared with three main components, subject, policy and object with underlying principles, meta-models and examples of three different access control model. Analytical comparison of different access control model is drawn from a report of how the audience deals with it at various cases that were analyzed. This survey helped to receive the opinion of different people realistically, such that this empirical way of conducting experiments concludes with the way for finding strong and weak factors. Finally, all the strong factors are aligned to form a new flexible access control model. The result helps to compare, study and implement a suitable and necessary access control system. It also makes us think in a way how a new access control system can be analyzed and compared with the existing ones. This research work result can be used for further research in future for the potential enhancement of newer access control models

Proceedings of the 2nd International Workshop on Security in Mobile Multiagent Systems

This report contains the Proceedings of the Second Workshop on Security on Security of Mobile Multiagent Systems (SEMAS2002). The Workshop was held in Montreal, Canada as a satellite event to the 5th International Conference on Autonomous Agents in 2001. The far reaching influence of the Internet has resulted in an increased interest in agent technologies, which are poised to play a key role in the implementation of successful Internet and WWW-based applications in the future. While there is still considerable hype concerning agent technologies, there is also an increasing awareness of the problems involved. In particular, that these applications will not be successful unless security issues can be adequately handled. Although there is a large body of work on cryptographic techniques that provide basic building-blocks to solve specific security problems, relatively little work has been done in investigating security in the multiagent system context. Related problems are secure communication between agents, implementation of trust models/authentication procedures or even reflections of agents on security mechanisms. The introduction of mobile software agents significantly increases the risks involved in Internet and WWW-based applications. For example, if we allow agents to enter our hosts or private networks, we must offer the agents a platform so that they can execute correctly but at the same time ensure that they will not have deleterious effects on our hosts or any other agents / processes in our network. If we send out mobile agents, we should also be able to provide guarantees about specific aspects of their behaviour, i.e., we are not only interested in whether the agents carry out-out their intended task correctly. They must defend themselves against attacks initiated by other agents, and survive in potentially malicious environments. Agent technologies can also be used to support network security. For example in the context of intrusion detection, intelligent guardian agents may be used to analyse the behaviour of agents on a firewall or intelligent monitoring agents can be used to analyse the behaviour of agents migrating through a network. Part of the inspiration for such multi-agent systems comes from primitive animal behaviour, such as that of guardian ants protecting their hill or from biological immune systems

Policy issues in interconnecting networks

To support the activities of the Federal Research Coordinating Committee (FRICC) in creating an interconnected set of networks to serve the research community, two workshops were held to address the technical support of policy issues that arise when interconnecting such networks. The workshops addressed the required and feasible technologies and architectures that could be used to satisfy the desired policies for interconnection. The results of the workshop are documented

A policy-based security framework for ad-hoc networks

Imperial Users onl

Tools to Communicate and Collaborate With on the Web: an Overview

Comprend des références bibliographiques