A flexible approach to multisession trust negotiations

Anna Squicciarini, Elisa Bertino, Alberto Trombetta, Stefano Braghin

Research output: Contribution to journalArticle

9 Scopus citations

Abstract

Trust Negotiation has shown to be a successful, policy-driven approach for automated trust establishment, through the release of digital credentials. Current real applications require new flexible approaches to trust negotiations, especially in light of the widespread use of mobile devices. In this paper, we present a multisession dependable approach to trust negotiations. The proposed framework supports voluntary and unpredicted interruptions, enabling the negotiating parties to complete the negotiation despite temporary unavailability of resources. Our protocols address issues related to validity, temporary loss of data, and extended unavailability of one of the two negotiators. A peer is able to suspend an ongoing negotiation and resume it with another (authenticated) peer. Negotiation portions and intermediate states can be safely and privately passed among peers, to guarantee the stability needed to continue suspended negotiations. We present a detailed analysis showing that our protocols have several key properties, including validity, correctness, and minimality. Also, we show how our negotiation protocol can withstand the most significant attacks. As by our complexity analysis, the introduction of the suspension and recovery procedures, and mobile negotiations does not significantly increase the complexity of ordinary negotiations. Our protocols require a constant number of messages whose size linearly depend on the portion of trust negotiation that has been carried before the suspensions.

Original languageEnglish (US)
Article number5871654
Pages (from-to)16-29
Number of pages14
JournalIEEE Transactions on Dependable and Secure Computing
Volume9
Issue number1
DOIs
StatePublished - Jan 1 2012

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Cite this