Abstract

Trust management and trust negotiation are prevailing approaches for establishing trust relationships in Grid-based systems across security domains and inter-domains. In this paper, we propose TTN, a mechanism combining trust management with trust negotiation, which provides authorization and access control for the Scientific Data Grid and aims to enhance grid security. The framework takes into account all aspects related to negotiation, from the policy language and negotiation protocol to the strategies and algorithms used in negotiation. TTN presents a number of novel features, such as a trust ticket that can speed up negotiation, support for different negotiation protocols, an enhanced policy language for credentials and policies, and both a trust management strategy and an optimal negotiation strategy. The results of experiments designed for our approach demonstrate the feasibility of TTN.

I. INTRODUCTION

Authorization is widely adopted by decentralized applications, particularly in grid environments where the resources and the subjects belong to different security domains. The Scientific Data Grid system of the Chinese Academy of Sciences (CAS) is such a system, with resources distributed among different institutions. Traditional access control mechanisms assume pre-existing trust relationships and make authorization decisions based on the identity of the entity; when applying them, we found that if the resource provider and requester are not known to each other, they cannot identify the trust relationships. An alternative is to grant access to resources based on properties of the requester, such as employer, address or credit line, which is called attribute-based access control (ABAC).
Recently, several systems, e.g., GridShib (1) and VOMS (2), use a mediator to make an authorization decision by composing all agreements of decentralized authorities when a new requester wants to acquire the resource. Although systems of this kind are highly efficient, the attributes may be sensitive and protecting private information is very awkward. Therefore, the automated trust negotiation (ATN) approach (3), which enables the resource requester and the provider to establish a trust relationship through cautious, iterative, bilateral disclosure of digital credentials while preserving their privacy, has been advanced for establishing trust across organizations. Recently, several trust negotiation approaches have been proposed (3)-(6). However, these approaches mainly focus on the selection of negotiation strategies, or credential and policy specification, or privacy protection, or just a solution of trust negotiation. They lack an integrated solution that considers most aspects of negotiation, such as negotiation efficiency, combination with trust management, and negotiation process phases.

In this paper, we present a novel trust framework named TTN, which includes an XML-based policy language, an adaptive negotiation protocol, and negotiation strategies for different purposes. TTN is designed for grid environments across security domains and inter-domain, and allows the negotiating parties to select different negotiation protocols and strategies on demand. We first design an XML-based policy language named XTNPL. XTNPL allows the specification of a wide range of policies and provides a mechanism for protecting sensitive attributes, based on the notion of ACK policy (7). XTNPL also supports the trust ticket, which is signed by the resource provider right after a successful negotiation.
The second component is the TTN negotiation model, consisting of an adaptive protocol and several strategies, which supports negotiation between different protocols. A relevant aspect of the strategies is support for a trust management negotiation strategy and an optimal negotiation strategy that uses the AO* (8) algorithm to disclose minimal sensitive information, which allows one to better balance efficiency and protection requirements. As a result, TTN is flexible and can support negotiations in a variety of scenarios, across domains and inter-domain.

The rest of this paper is organized as follows. We survey the related work in the second part. The third part introduces the basic structure and components of the TTN framework. The fourth part gives the XML policy language. The fifth part focuses on the negotiation model, including negotiation protocols and strategies. The sixth part gives the TTN architecture prototype for SDG. The seventh part shows the experiments and evaluations. The final part gives the conclusion and future work.
