摘要
在Internet日益孕育新技术和新应用的同时,交互主体间的生疏性以及共享资源的敏感性成为跨安全域信任建立的屏障.自动信任协商是通过协作主体间信任证、访问控制策略的交互披露,逐渐为各方建立信任关系的过程.系统介绍了这一崭新研究领域的理论研究和应用进展情况,并对信任协商中的协商模型、协商体系结构、访问控制策略规范、信任证描述及发现收集、协商策略及协商协议等多项关键技术的研究现状进行分析和点评,最后针对目前研究工作中存在的一些问题,对未来的研究方向及工作进行展望.通过对自动信任协商的研究及其进展的介绍,希望有助于在维护开放网络中主体自治性和隐私性的同时,研究更高效、实用的信任自动建立技术.
The proliferation of the lnternet has given opport unities on different entities to share resources or conduct business transactions. However, how to establish trust among strangers without prior relationship and common security domain poses much difficulty for these activities. To resolve these problems, a promising approach known as Automated Trust Negotiation (ATN), which establishes the trust between strangers with iterative disclosure of credentials and access control policies, is proposed. In this paper, a comprehensive survey of research on ATN is presented, and some basic techniques, e.g. negotiation model and architecture, access control policy specification, credential description and credential chain discovery, are introduced and compared. Then based on the analysis o f the shortcomings and problem s of the techniques, the trend of research and application is discussed. All these work may contribute to the further work on trust establishment for entities with privacy protection and autonomy in open internet.
出处
《软件学报》
EI
CSCD
北大核心
2006年第1期124-133,共10页
Journal of Software
基金
国家自然科学基金
国家高技术研究发展计划(863)~~
关键词
信息安全
信任协商
访问控制策略
信任证
协商策略
information security
trust negotiation
access control policy
credential
negotiation strategy
