开放系统中基于历史角色的快速协商模型

在开放式网络环境中,资源的请求者和提供者往往隶属于不同的安全域。在陌生人之间建立信任并保证共享资源的安全可以通过自动信任协商来实现。如何加速这些实体之间的后续协商过程是随之要解决的重要问题。通过分析自动信任协商对系统的需求,提出了支持快速协商的基于历史角色的自动信任协商模型HRFN。HRFN将角色的概念引进来,根据协商过程中暴露出的证书为协商对方分配一定的角色,并将这些角色记录在历史信息记录中,同时记录该角色对应的证书暴露序列。在后续协商过程中,如果资源请求者的历史角色具有访问权限,则双方根据该角色对应的证书暴露序列来暴露证书。经试验验证,HRFN模型的安全性能更高,而且满足自动信任协商的快速需求。

A Historical Role-based Fast Negotiation Model in Open Network

In the open network,the resource requesters and providers often belong to different security domains.It can be achieved through automated trust negotiation（ATN） to build confidence among strangers and to ensure the security of shared resources.How to speed up the subsequent negotiation between these entities is the important issue.This paper analyzed the automatic trust negotiation and proposed the historical role-based fast negotiation model HRFN.HRFN introduces the concept of role.HRFN maps the counterparty to many roles connecting with many access privileges according to the credentials he disclosed during previous successful negotiation.HRFN records these roles with its credential disclosure sequence in the HIB.In the subsequent negotiation,the resource provider checks that if the requester has a role that is permitted to access the resources.If such a role exists,the negotiators can disclose credentials according to the credential disclosure sequence and then conduct a successful negotiation.After experimental verification,HRFN model was verified to has higher safety performance and also meet the rapid demand for automated trust negotiation.