Security in Distributed Collaborative Environments: Limitations and Solutions

Emergent Web Intelligence: Advanced Information Retrieval

Abstract

The main goal of establishing collaboration between heterogeneous environments is to create a pervasive context that provides nomadic users with ubiquitous access to digital information and surrounding resources. However, the constraints of mobility and heterogeneity raise a number of crucial issues related to security, especially authentication, access control and privacy. First, in this chapter we explore the trust paradigm, in particular its transitive capability, to enable trusted peer-to-peer collaboration. In this way, when each organization sets its own security policy to recognize (authenticate) users who are members of a trusted community and to provide them with local access (access control), trust transitivity between peers allows users to gain broader, larger and controlled access inside the pervasive environment. Next, we study the problem of user privacy. In pervasive and ubiquitous environments, nomadic users gather and exchange certificates or credentials that give them rights to access, by transitivity, unknown and trusted environments. These signed documents embed an increasing number of attributes that need to be filtered according to the contextual situation. In this chapter, we propose a new morph signature that enables each certificate owner to preserve his privacy by disclosing or blinding some sensitive attributes according to the situation faced.

Author information

Corresponding author

Correspondence to Rachid Saadi.

Copyright information

© 2010 Springer-Verlag London Limited

About this chapter

Cite this chapter

Saadi, R., Pierson, JM., Brunie, L. (2010). Security in Distributed Collaborative Environments: Limitations and Solutions. In: Chbeir, R., Badr, Y., Abraham, A., Hassanien, AE. (eds) Emergent Web Intelligence: Advanced Information Retrieval. Advanced Information and Knowledge Processing. Springer, London. https://doi.org/10.1007/978-1-84996-074-8_16

  • DOI: https://doi.org/10.1007/978-1-84996-074-8_16

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-84996-073-1

  • Online ISBN: 978-1-84996-074-8

  • eBook Packages: Computer Science, Computer Science (R0)
