共查询到20条相似文献,搜索用时 15 毫秒
1.
2.
Jianxin Li Dacheng Zhang Jinpeng Huai Jie Xu 《Peer-to-Peer Networking and Applications》2009,2(2):164-177
Service-oriented architecture (SOA) and Software as a Service (SaaS) are the latest hot topics to software manufacturing and
delivering, and attempt to provide a dynamic cross-organisational business integration solution. In a dynamic cross-organisational
collaboration environment, services involved in a business process are generally provided by different organisations, and
lack supports of common security mechanisms and centralized management middleware. On such occasions, services may have to
achieve middleware functionalities and achieve business objectives in a pure peer-to-peer fashion. As the participating services
involved in a business process may be selected and combined at run time, a participating service may have to collaborate with
multiple participating services which it has no pre-existing knowledge in prior. This introduces some new challenges to traditional
trust management mechanisms. Automated Trust Negotiation (ATN) is a practical approach which helps to generate mutual trust
relationship for collaborating principals which may have no pre-existing knowledge about each other without in a peer-to-peer
way. Because credentials often contain sensitive attributes, ATN defines an iterative and bilateral negotiation process for
credentials exchange and specifies security policies that regulate the disclosure of sensitive credentials. Credentials disclosure
in the iterative process may follow different orders and combinations, each of which forms a credential chain. It is practically
desirable to identify the optimal credential chain that satisfies certain objectives such as minimum release of sensitive
information and minimum performance penalty. In this paper we present a heuristic and context-aware algorithm for identifying
the optimal chain that uses context-related knowledge to minimize 1) the release of sensitive information including both credentials
and policies and 2) the cost of credentials retrieving. Moreover, our solution offers a hierarchical method for protecting
sensitive policies and provides a risk-based strategy for handling credential circular dependency. We have implemented the
ATN mechanisms based on our algorithm and incorporated them into the CROWN Grid middleware. Experimental results demonstrate
their performance-related advantages over other existing solutions.
Jianxin Li is a research staff and assistant professor in the School of Computer Science and Engineering, Beihang University, Beijing china. He received the Ph.D. degree in Jan. 2008. He has authored over 10 papers in SRDS, HASE and eScience etc. Her research interests include trust management, information security and distributed system.
Dacheng Zhang received his BSc. in Computer Science at Northern Jiaotong University. Dacheng then worked at the Beijing Rail Mansion and Beijing Zhan Hua Dong He Ltd. as a software engineer. In 2004, Dacheng received his MSc. degree in Computer Science at the University of Durham. The topic of his thesis was “Multi-Party Authentication for Web Services”. Dacheng is now a PhD student in the School of Computing, University of Leeds, UK. His research area covers Multi-Party Authentication systems for Web services, Long Transactions, and Identity based authentication systems. Currently, he is exploring Coordinated Automatic Actions to manage Web Service Multi-Party Sessions.
Jinpeng Huai is a Professor and Vice President of Beihang University. He serves on the Steering Committee for Advanced Computing Technology Subject, the National High-Tech Program (863) as Chief Scientist. He is a member of the Consulting Committee of the Central Government Information Office, and Chairman of the Expert Committee in both the National e-Government Engineering Taskforce and the National e-Government Standard office. Dr. Huai and his colleagues are leading the key projects in e-Science of the National Science Foundation of China (NSFC) and Sino-UK. He has authored over 100 papers. His research interests include middleware, peer-to-peer (P2P), grid computing, trustworthiness and security.
Professor Jie Xu is Chair of Computing at the University of Leeds (UK) and Director of the EPSRC WRG e-Science Centre involving the three White Rose Universities of Leeds, York and Sheffield. He is also a visiting professor at the School of Computing Science, the University of Newcastle upon Tyne (UK) and a Changjiang Scholar visiting professor at Chongqing University (China). He has worked in the field of Distributed Computer Systems for over twenty years and had industrial experience in building large-scale networked systems. Professor Xu now leads a collaborative research team at Leeds studying Grid and Internet technologies with a focus on complex system engineering, system security and dependability, and evolving system architectures. He is the recipient of the BCS/IEE Brendan Murphy Prize 2001 for the best work in the area of distributed systems and networks. He has led or co-led many key research projects served as Program Chair/PC member of, many international computer conferences. Professor Xu has published more than 150 edited books, book chapters and academic papers, and has been Editor of IEEE Distributed Systems since 2000. 相似文献
| Jie XuEmail: |
Jianxin Li is a research staff and assistant professor in the School of Computer Science and Engineering, Beihang University, Beijing china. He received the Ph.D. degree in Jan. 2008. He has authored over 10 papers in SRDS, HASE and eScience etc. Her research interests include trust management, information security and distributed system.
Dacheng Zhang received his BSc. in Computer Science at Northern Jiaotong University. Dacheng then worked at the Beijing Rail Mansion and Beijing Zhan Hua Dong He Ltd. as a software engineer. In 2004, Dacheng received his MSc. degree in Computer Science at the University of Durham. The topic of his thesis was “Multi-Party Authentication for Web Services”. Dacheng is now a PhD student in the School of Computing, University of Leeds, UK. His research area covers Multi-Party Authentication systems for Web services, Long Transactions, and Identity based authentication systems. Currently, he is exploring Coordinated Automatic Actions to manage Web Service Multi-Party Sessions.
Jinpeng Huai is a Professor and Vice President of Beihang University. He serves on the Steering Committee for Advanced Computing Technology Subject, the National High-Tech Program (863) as Chief Scientist. He is a member of the Consulting Committee of the Central Government Information Office, and Chairman of the Expert Committee in both the National e-Government Engineering Taskforce and the National e-Government Standard office. Dr. Huai and his colleagues are leading the key projects in e-Science of the National Science Foundation of China (NSFC) and Sino-UK. He has authored over 100 papers. His research interests include middleware, peer-to-peer (P2P), grid computing, trustworthiness and security.
Professor Jie Xu is Chair of Computing at the University of Leeds (UK) and Director of the EPSRC WRG e-Science Centre involving the three White Rose Universities of Leeds, York and Sheffield. He is also a visiting professor at the School of Computing Science, the University of Newcastle upon Tyne (UK) and a Changjiang Scholar visiting professor at Chongqing University (China). He has worked in the field of Distributed Computer Systems for over twenty years and had industrial experience in building large-scale networked systems. Professor Xu now leads a collaborative research team at Leeds studying Grid and Internet technologies with a focus on complex system engineering, system security and dependability, and evolving system architectures. He is the recipient of the BCS/IEE Brendan Murphy Prize 2001 for the best work in the area of distributed systems and networks. He has led or co-led many key research projects served as Program Chair/PC member of, many international computer conferences. Professor Xu has published more than 150 edited books, book chapters and academic papers, and has been Editor of IEEE Distributed Systems since 2000. 相似文献
3.
4.
5.
CONCENSUS: multi-party negotiation support for conflict resolution in concurrent engineering design 总被引:2,自引:0,他引:2
Advances in telematics have led many manufacturing companies in particular to explore the adoption of groupware technology to improve communication between team members. However, complex activities such as conflict resolution are still predominantly facilitated through face-to-face negotiation meetings. Intelligent software agents technology is being applied to support computer-mediated conflict resolution activities, such as information search and retrieval, recording negotiation process history and task allocation – whilst the creative negotiation activities such as generating new solutions, preventing and detecting conflicts are still left to the human experts. This paper describes the development of a framework for the support of multi-party negotiation for multi-agent systems, which will be introduced through a general overview of the requirements of multi-agent negotiation. Finally, the current architecture of the developed prototype for a CONCurrent Engineering Negotiation SUpport System (CONCENSUS) is presented. 相似文献
6.
Al-Riyami and Paterson proposed four authenticated tripartite key agreement protocols which make use of the Weil pairing. Recently, Lee et al. extended the protocols to a multi-party setting assuming the existence of cryptographic multilinear forms. In this paper we show that the tripartite and multi-party authenticated key agreement protocols are insecure against several active attacks. 相似文献
7.
8.
The provision of services is often regulated by means of agreements that must be negotiated beforehand. Automating such negotiations is appealing insofar as it overcomes one of the most often cited shortcomings of human negotiation: slowness. Our analysis of the requirements of automated negotiation systems in open environments suggests that some of them cannot be tackled in a protocol-independent manner, which motivates the need for a protocol-specific architecture. However, current state-of-the-art bargaining architectures fail to address all of these requirements together. Our key contribution is a bargaining architecture that addresses all of the requirements we have identified. The definition of the architecture includes a logical view that identifies the key architectural elements and their interactions, a process view that identifies how the architectural elements can be grouped together into processes, a development view that includes a software framework that provides a reference implementation developers can use to build their own negotiation systems, and a scenarios view by means of which the architecture is illustrated and validated. 相似文献
9.
Joohyung Lee Jong Min Lee Seong Gon Choi Jun Kyun Choi 《Multimedia Tools and Applications》2013,64(2):439-453
For multicast service in WiMAX, there are trade-offs between overall channel efficiency and the number of users under the commitment of service level agreements (SLAs). So, it is important to compromise between accommodating many users under the commitment of SLA and channel efficiency. In order to give an insight of multicast efficiency, we suggest a novel metric which is named as channel efficiency (MCE) factor. In addition, we proposed the practical SLA negotiation scheme based on proposed novel metric. Numerical results show that the proposed practical scheme significantly outperforms the conventional multicast transmission scheme. 相似文献
10.
Recently, Sun et al. (Quantum Inf Process 12:3411–3420, 2013) presented an efficient multi-party quantum key agreement (QKA) protocol by employing single particles and unitary operations. The aim of this protocol is to fairly and securely negotiate a secret session key among \(N\) parties with a high qubit efficiency. In addition, the authors claimed that no participant can learn anything more than his/her prescribed output in this protocol, i.e., the sub-secret keys of the participants can be kept secret during the protocol. However, here we point out that the sub-secret of a participant in Sun et al.’s protocol can be eavesdropped by the two participants next to him/her. Moreover, a certain number of dishonest participants can fully determine the final shared key in this protocol. Finally, we discuss the factors that should be considered when designing a really fair and secure QKA protocol. 相似文献
11.
针对服务等级协议(SLA)的自动协商中用于协商的SLA元素及协商过程缺乏语义描述的问题,提出了一种基于语义网技术的SLA协商机制。首先提出一种协商本体Osn,该本体专门描述直接用于协商过程的SLA元素;设计了SLA协商元素的映射函数及协商评估函数并使用Osn描述这些函数,基于描述逻辑对Osn的主要概念及概念之间的关系给出了形式化描述,为Osn提供了可满足的语义模型。进而提出了一种针对SLA协商的讨价还价模型,通过对有关命题及定理的证明说明采用该模型可以形成帕累托最优的协商出价;采用该模型基于OWL-S与统一建模语言(UML)的映射关系设计了针对SLA协商的服务本体。实例研究的结果表明Osn描述的知识可以形成满足协商参与者利益最大化需求的出价序列。从而说明:Osn可以对服务本体提供针对任意SLA协商的参数类型支持;面向SLA协商的讨价还价模型可以形成双方可接受的SLA。 相似文献
12.
CSCW协同建组协商策略研究 总被引:1,自引:0,他引:1
提出了一个支持协商建立协同工作组的自动协商策略集合。该策略集基于PFCSP限制表示框架将时间和资源因素综合考虑,克服了相关协商策略分离研究的限制。其中反提案生成结合使用了“折中”和“放松”两种策略, 建组协商中特有的“组策略”被提出用于支持在建组内部统一意见的meta协商。通过分析各策略属性、通信开销和计算量,对该策略在协商建组环境下的正确性和有效性进行了验证,并以实例说明了策略的应用过程。 相似文献
13.
TANG ChunMing SHI GuiHua & YAO ZhengAn School of Mathematics Information Science Guangzhou University Guangzhou China State Key Laboratory of Information Security 《中国科学:信息科学(英文版)》2011,(8):1654-1662
In the field of multi-party computation,an important problem is how to construct an efficient and secure multi-party computation protocol for certain specific problems.In the present study,we make use of a secret sharing scheme to construct an efficient and secure multi-party computation protocol for sequencing problems.Our protocols are perfectly secure against both a passive adversary that can corrupt at most t (n-1)/2 participants, and an active adversary that can corrupt at most t < n/3 participants.The... 相似文献
14.
The BNS-Chung criterion for multi-party communication complexity 总被引:1,自引:1,他引:0
R. Raz 《Computational Complexity》2000,9(2):113-122
The "Number on the Forehead" model of multi-party communication complexity was first suggested by Chandra, Furst and Lipton.
The best known lower bound, for an explicit function (in this model), is a lower bound of , where n is the size of the input of each player, and k is the number of players (first proved by Babai, Nisan and Szegedy). This lower bound has many applications in complexity
theory. Proving a better lower bound, for an explicit function, is a major open problem. Based on the result of BNS, Chung
gave a sufficient criterion for a function to have large multi-party communication complexity (up to ). In this paper, we use some of the ideas of BNS and Chung, together with some new ideas, resulting in a new (easier and
more modular) proof for the results of BNS and Chung. This gives a simpler way to prove lower bounds for the multi-party communication
complexity of a function.
Received: December 12, 1997. 相似文献
15.
为某些特殊问题构造有效的安全多方计算协议是多方计算研究领域的一个重要分支.文中使用密钥共享方案为排序问题构造了一个有效的安全多方计算协议,该协议在n个参与者中至多只有t个不诚实者,若t≤(n-1)/2,则它在被动攻击下是完全安全的;若t相似文献
16.
Dan Bogdanov Margus Niitsoo Tomas Toft Jan Willemson 《International Journal of Information Security》2012,11(6):403-418
Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real-world benchmarks. Sharemind is a secure multi-party computation framework designed with real-life efficiency in mind. It has been applied in several practical scenarios, and from these experiments, new requirements have been identified. Firstly, large datasets require more efficient protocols for standard operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit shift, bit extraction, and division. All the protocols are implemented and benchmarked, showing that the current approach provides remarkable speed improvements over the previous work. This is verified using real-world benchmarks for both operations and algorithms. 相似文献
17.
Quantum Information Processing - Ground-state cooling of multiple mechanical resonators is an important goal in the study of quantum optomechanics. Here, we propose a dynamic dissipative... 相似文献
18.
Paurobally S. Turner P.J. Jennings N.R. 《IEEE transactions on systems, man, and cybernetics. Part A, Systems and humans : a publication of the IEEE Systems, Man, and Cybernetics Society》2003,33(6):709-724
Mobile electronic commerce (m-commerce) is an emerging manifestation of Internet electronic commerce that bridges the domains of Internet, mobile computing and wireless telecommunications in order to provide an array of sophisticated services (m-services) to mobile users. To date, much of the research in the area has concentrated on the problem of service discovery. However, once a service has been discovered, it needs to be provisioned according to the goals and constraints of the service provider and the service consumer. Since, in general, these will be different stakeholders (with different aims), the de facto provisioning method will be some form of negotiation. To this end, this paper develops automated negotiation protocols and strategies that are applicable in m-commerce environments. Specifically, we develop and evaluate time-constrained bilateral negotiation algorithms, that allow software agents to adapt to the quality of the network and/or their experience of similar interactions. 相似文献
19.
针对可信问题,提出了一种基于安全多方的区块链可审计签名方案。该方案引入了带有时间戳的信任向量,并构建由多维向量组构成的信任矩阵用以定期记录参与者的可信行为,从而为参与者建立一种可信的评估机制,最后将评估结果存储到区块链中作为查证的依据。在确保参与者可信的前提下,通过秘密共享技术构建了安全可信的签名方案。安全分析表明,该方案可以有效减少恶意参与者带来的破坏,可检测参与者的可信度,并可以抵抗移动攻击。性能分析表明,该方案具有较低的计算复杂度和较高的执行效率。 相似文献
20.
Natasa Jovanovic Rieks op den Akker Anton Nijholt 《Language Resources and Evaluation》2006,40(1):5-23
This paper describes a multi-modal corpus of hand-annotated meeting dialogues that was designed for studying addressing behaviour in face-to-face conversations. The corpus contains annotated dialogue acts, addressees, adjacency pairs and gaze direction. First, we describe the corpus design where we present the meetings collection, annotation scheme and annotation tools. Then, we present the analysis of the reproducibility and stability of the annotation scheme.
相似文献
| Rieks op den AkkerEmail: Phone: +31-53-4893679Fax: +31-53-4893503 |
