Advanced Security Proxy Technology for High Confidence Networks: Advances in Trust Negotiation

Abstract

This effort addresses the recent trend to fight battles with a coalition of forces from many different commands and countries. This also applies to the business world where companies are cooperating more in order to get new, innovative products on the marketplace, and insure that they all interface together. In order to exchange information between coalitions of organizations (businesses) that have no shared infrastructure and only limited mutual trust, there must be established some sort of bilateral credential exchange, which is called trust negotiation (TN). To accomplish this, a common thread is established throughout this effort to support creation and management of sensitive credentials and policy content to use in attribute-based access control (ABAC). Current ABAC technology is either not sufficiently scalable to meet the needs of dynamic coalitions, or else provides the same access rights to all users. This is usually not desirable when fighting battles or making deals in the business world. In this study, steps are taken toward the goal of making ABAC systems that are highly scalable and fine grained, and to identify issues in the areas of distributed credential discovery, policy language design, and realistic TN strategies.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2002
Accession Number
ADA408633

Entities

People

  • William Winsborough

Tags

DTIC Thesaurus Topics

  • Abstracts
  • Air Force
  • Air Force Research Laboratories
  • Classification
  • Commerce
  • Computer Access Control
  • Information Operations
  • Information Systems
  • Language
  • Military Research
  • Negotiations
  • New York
  • Security
  • Standards

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • International Relations and European Studies
  • Systems Analysis and Design