Automated cross-organisational trust establishment on extranets

被引：12

作者：

Au, R ^{[1
]}

Looi, M ^{[1
]}

Ashley, P ^{[1
]}

机构：

[1] Queensland Univ Technol, Sch Data Commun, Informat Secur Res Ctr, Brisbane, Qld 4001, Australia

来源：

PROCEEDINGS OF THE WORKSHOP ON INFORMATION TECHNOLOGY FOR VIRTUAL ENTERPRISES, ITVE 2001 | 2001年 / 23卷 / 06期

关键词：

trust establishment; trust distribution; extranet; trust token; web of trust; trust agent; security server;

D O I：

10.1109/ITVE.2001.904483

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Trust management is an important aspect of information security in an organisation. It involves the complexity of relationships among people, computers and the organisational system. It becomes even more complex in the virtual enterprise environment where cross-organisational activities are involved. This paper presents a new paradigm for establishing trust across multiple organisations for external users on extranets. In our approach, the authorities of organisations administer their local users and at the same time can act as trust agents for distributing trust management information for other users in the virtual enterprise. Trust is propagated in the form of trust tokens through the web of trust. After collecting these trust tokens as recommendations, a new users can submit them to his destined organisation in order to acquire secure trust relation. By representing trust with a quantitative and comparable value, an automated mechanism for composing trust tokens is demonstrated.

引用

页码：3 / 11

页数：9

共 15 条

[1]

ABDULRAHMAN A, 1997, P NEW SEC PAR WORKSH

[2]

[Anonymous], 1996, P 1996 IEEE S SEC PR

[3]

ASHLEY P, 1999, PRACTICAL INTRANET S

[4]

AU R, 2000, P 5 AUSTR C INF SEC

[5]

BETH T, 1994, P C COMP SEC 1994

[6]

BIRREL AD, 1986, P 1986 IEEE S SEC PR

[7]

CHUANG S, 1996, P NEW SEC PAR WORKSH

[8]

DENNING D, 1993, P 1992 1993 ACM SIGS

[9]

ESSIN DJ, 1997, P 1997 NEW SEC PAR W

[10]

JOSANG A, 1996, P 1996 NEW SEC PAR W

← 1 2 →