Abstract

In a pervasive computing environment, the need to establish trust among distributed services has attracted increasing attention from both industry and academia. As a widely adopted way to carry a principal's identity and attributes across different organizations, credential-based trust establishment has become popular over the Internet. In this paper, we propose a modeling approach based on a hybrid negotiation tree, named HiTrust, to build cross-organizational trust relationships. HiTrust is used to characterize the gradual interaction state during trust establishment between principals from different security organizations. Compared with the original disclosure tree model, the hybrid tree model in HiTrust can embed both policies and credential sets in a tree node, and is able to describe fine-grained security policies with attributes or negotiation context information. This property gives HiTrust the capability to describe complex trust establishment requirements, and makes searching for the desired tree node more efficient. Furthermore, to enhance the usability and efficiency of the negotiation service, we propose a session state maintenance mechanism based on a policy stack and an asynchronous trust chain propagation mechanism. We have implemented the HiTrust prototype system and experimentally verified that HiTrust is effective and scalable.
