• DocumentCode
    2414323
  • Title

    Formalising Dynamic Trust Negotiations in Decentralised Collaborative e-Health Systems

  • Author

    Ajayi, Oluwafemi ; Sinnott, Richard ; Stell, Anthony

  • Author_Institution
    National e-Sci. Centre, Glasgow Univ.
  • fYear
    2007
  • fDate
    10-13 April 2007
  • Firstpage
    3
  • Lastpage
    10
  • Abstract
    Access control in decentralised collaborative systems present huge challenges especially where many autonomous entities including organizations, humans, software agents from different security domains seek to access and share resources in a secure and controlled way. Automated trust negotiation (ATN) is one approach that has been proposed for trust discovery and realisation, which enables entities viz. strangers to access resources across autonomous boundaries through iterative exchange of credentials. Various negotiation strategies have been proposed to protect credential disclosure during trust negotiations. However in some domains such as e-health, not all entities are willing to negotiate credentials or disclose access policies directly to strangers regardless of negotiation strategies and instead prefer to negotiate and disclose sensitive information only to strangers within what we refer to as a circle of trust. In this paper, we introduce a formal model to describe how locally trusted intermediary parties can provide multiple negotiation and delegations hops to protect credentials and access policies. We propose a dynamic trust negotiations (DTN) model that not only protects sensitive information from disclosure but also reduces semantic issues that exist with credentials in decentralized systems. This work is currently being explored and implemented within the e-health domain: specifically in the MRC-funded Virtual Organisation for Trials of Epidemiological Studies (VOTES) project
  • Keywords
    authorisation; groupware; medical information systems; VOTES project; Virtual Organisation for Trials of Epidemiological Studies project; access control; automated trust negotiation; decentralised collaborative e-health systems; dynamic trust negotiations; secured resource access; secured resource sharing; trust discovery; Access control; Automatic control; Collaboration; Collaborative software; Control systems; Humans; Iterative methods; Protection; Security; Software agents;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    0-7695-2775-2
  • Type

    conf

  • DOI
    10.1109/ARES.2007.91
  • Filename
    4159781