Abstract
The development of network and distributed computing has aroused more and more information exchange between far away servers and clients. Many traditional access control systems based on certificates or predefined access control policies are insufficient to deal with abnormal access requests or hidden intrusions. A flexible and efficient mechanism is needed to support open authentication and secure interoperations. In this paper, we address this issue by proposing an Adaptive Secure Interoperation system using Trust-Level (ASITL), which involves a statistical learning algorithm to judge an access request event, an adaptive calculating algorithm to dynamically adjust a user’s trust-level and a self-protecting mechanism to prevent the system from potential risks. In particular, we also presented examples to demonstrate the secure working flow of ASITL.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Park, J., Sandhu, R.: RBAC on the Web by smart certificates. In: Endler, M., Schmidt, D.C. (eds.) Proceedings of 4th ACM Workshop on Role-Based Access Control, Fairfax, VA, pp. 1–9. ACM Press, New York (1999)
Bonatti, P., Vimercati, S., Samarati, P.: A modular approach to composing access control policies. In: Sushil, J., Pierangela, S. (eds.) Proceedings of 7th ACM Conference on Computer and Communication Security, Athens, Greece, pp. 164–173. ACM Press, New York (2000)
Li, N., Mitchell, J., Winsborough, W.: RT: A role-based trust-management framework. In: Bemmel, J., McCray, A. (eds.) Proceedings of 3rd DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, pp. 201–212. IEEE Computer Society Press, Los Alamitos (2003)
Fan, H., Xian, Z., Shaobin, W.: Delegation Depth Control in Trust-management System. In: Shih, T., Shibata, Y. (eds.) Proceedings of 19th International Conference on Advanced Information Networking and Applications, vol. 2, Taiwan, pp. 411–414. IEEE Computer Society Press, Los Alamitos (2005)
Xiong, L., Ling, L.: PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities. IEEE Transactions on Knowledge and Data Engineering 16(7), 843–857 (2004)
Bhavani, T.: Trust Management in a Distributed Environment. In: Bilof, R. (ed.) Proceedings of the 29th Annual International Computer Software and Application Conference, vol. 2, Edinburgh, Scotland, pp. 561–562. IEEE Computer Society Press, Los Alamitos (2005)
Nathan, D., Andras, B., David, E.: Using Trust and risk in Role-based Access Control Policies. In: Trent, J., Elena, F. (eds.) Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, pp. 156–162. ACM Press, New York (2004)
Kilho, S., Hiroshi, Y.: Provably Secure Anonymous Access Control for Heterogeneous Trusts. In: Anderson, S., Felici, M. (eds.) Proceedings of the 1st International Conference on Availability, Reliability and Security, Vienna, Austria, pp. 24–33. IEEE Computer Society Press, Los Alamitos (2006)
Bertino, E., Khan, L., Sandhu, R.: Secure Knowledge Management: Confidentiality, Trust, and Privacy. IEEE Transactions on Systems, man, and Cybernetics 36(3), 429–438 (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Jin, L., Lu, Z. (2007). ASITL: Adaptive Secure Interoperation Using Trust-Level. In: Yang, C.C., et al. Intelligence and Security Informatics. PAISI 2007. Lecture Notes in Computer Science, vol 4430. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71549-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-71549-8_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71548-1
Online ISBN: 978-3-540-71549-8
eBook Packages: Computer ScienceComputer Science (R0)