摘要
多安全域环境下的访问控制是域间进行协作必须要解决的问题之一。交互主体间的陌生性以及共享资源的敏感性成为跨域建立信任关系的主要障碍。自动信任协商的提出提供了解决这一问题的新途径,它通过协作主体间信任证和访问控制策略的反复交互披露,在资源的请求者和提供者之间自动地建立起信任关系。在分析现有自动信任协商技术的基础上,针对信任协商中存在的证书敏感属性信息泄露的问题提出了改进的方案。该方案可有选择性地披露信任证的敏感属性,从而达到协商过程中减少敏感信息泄露和提高协商系统抗攻击能力的目的。
Access control in muhi-domain environments is one of the important issues of building coalition between domains.However, how to establish trust among strangers without prior relationship and common security domain poses much difficulty for these activities. Auto- mated Trust Negotiation (ATN) is a new approach which establishes the trust relationship between strangers through iterative disclosure of credentials and access control policies. Based on the analysis of the current technology of automated trust negotiation,we proposed a scheme to improve the problem of the leakage of sensitive attribute information and personal privacy in trust negotiation. This scheme can disclose sensitive attributes in credential selectively ,and achieve the propose of reduce the sensitive information disclose and enhance the anti-attack capability of the trust negotiation system.
出处
《软件导刊》
2009年第11期183-185,共3页
Software Guide
关键词
信任协商
信任证
敏感属性
协商策略
Trust Negotiation
Credential
Sensitive Attribute
Negotiation Strategy