Asymptotic Security Key Generation and Distribution Algorithm
Journal Title: International Journal of Computer & Organization Trends (IJCOT) - Year 2012, Vol 2, Issue 6
Abstract
Service-oriented Architectures (SOA) facilitate the dynamic and seamless integration of services offered by different service providers which in addition can be located in different trust domains. Especially for business integration scenarios, Federated Identity Management emerged as a possibility to propagate identity information as security assertions across company borders in order to secure the interaction between different services. Although this approach guarantees scalability regarding the integration of identity-based services, it exposes a service provider to new security risks. These security risks result from the complex trust relationships within a federation. In a federation the authentication of a user is not necessarily performed within the service provider’s domain, but can be performed in the user’s local domain. Consequently, the service provider has to rely on authentication results received from a federation partner to enforce access control. This implies that the quality of the authentication process is outside the service provider’s control and therefore becomes a factor which needs to be considered in the access control step. In order to guarantee a designated level of security, the quality of the authentication process should be part of the access control decision. To ease this process, we propose in this paper a method to rate authentication information by a level of trust which describes the strength of an authentication method. Additionally, in order to support the concept of two-factor authentication, we also present a mathematical model to calculate the trust level when combining two authentication methods. Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation.
Trust management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement. This paper reports on QuanTM’s design decisions and novel policy evaluation procedure. A representation of quantified trust relationships, the trust dependency graph, and a sample QuanTM application specific to the KeyNote trust management language, are also proposed.
Authors and Affiliations
Akash K Singh