Representando opiniões em cadeias de confiança SPKI/SDSI
Resumo
O SPKI/SDSI é um modelo de segurança flexível e extensível que permite autenticação, confidencialidade e controle de acesso de forma igualitária e descentralizada. No entanto, este modelo não é apropriado para ambientes dinâmicos de grande escala como grades computacionais, cujos recursos e sujeitos envolvidos podem variar largamente ao longo do tempo. Neste trabalho, estende-se o modelo SPKI/SDSI para incluir um modelo de opinião baseado em lógica subjetiva. A eficácia da proposta é avaliada através de simulações.Referências
Martín Abadi. On SDSI’s linked local name spaces. Journal of Computer Security, 6(12):3–21, 1998.
Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, and Ronald L. Rivest. Certificate chain discovery in spki/sdsi. J. Comput. Secur., 9(4):285–322, 2001.
Raphael Y. de Camargo, Andrei Goldchleger, Marcio Carneiro, and Fabio Kon. Grid: An Architectural Pattern. In The 11th Conference on Pattern Languages of Programs (PLoP’2004), pages 337–356, Monticello, Illinois, USA, September 2004.
C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, Southwestern Bell, and T. Ylonen. SPKI Certificate Theory. Internet RFC 2693, 1999.
Ian Foster and Carl Kesselman. The Grid 2: Blueprint for a New Computing Infrastructure. Morgan Kaufmann Publishers Inc., 2003.
Andrei Goldchleger. Integrade: Um sistema de middleware para computação em grade oportunista. Dissertação de mestrado, IME/USP, December 2004.
Andrei Goldchleger, Fabio Kon, Alfredo Goldman vel Lejbman, and Marcelo Finger. InteGrade: Object-Oriented Grid Middleware Leveraging Idle Computing Power of Desktop Machines. In Proceedings of the ACM/IFIP/USENIX Middleware’2003 1st International Workshop on Middleware for Grid Computing, pages 232–234, Rio de Janeiro, Brazil, June 2003.
Krishna P. Gummadi, Stefan Saroiu, and Steven D. Gribble. King: Estimating Latency Between Arbitrary Internet End Hosts. In Proc. of the Second ACM SIGCOMM Workshop on Internet measurment, pages 5–18, New York, NY, USA, 2002.
Joseph Y. Halpern and Ron Van der Meyden. A logical reconstruction of spki. In CSFW ’01: Proceedings of the 14th IEEE Workshop on Computer Security Foundations, pages 59–70, Washington, DC, USA, 2001. IEEE Computer Society.
Jon Howell and David Kotz. A formal semantics for spki. In ESORICS’00: Proceedings of the 6th European Symposium on Research in Computer Security, pages 140–158, London, UK, 2000. Springer-Verlag.
Audun Jøsang. Artificial reasoning with subjective logic. In Second Australian Workshop on Commonsense Reasoning, Perth, Australia, 1997.
Audun Jøsang. An algebra for assessing trust in certification chains. In Network and Distributed Systems Security Symposium (NDSS 99), San Diego, USA, 1999. The Internet Society.
José De Ribamar Braga Pinheiro Júnior and Fabio Kon. Minicurso de Segurança em Grades Computacionais, chapter 2, pages 66–111. Simpósio Brasileiro de Segurança de Informação e de Sistemas Computacionais (SBSEG), September 2005.
Ninghui Li. Local names in SPKI/SDSI. In CSFW ’00: Proceedings of the 13th IEEE Computer Security Foundations Workshop (CSFW’00), pages 2–15, Washington, DC, USA, 2000. IEEE Computer Society.
Michael Litzkow, Miron Livny, and Matt Mutka. Condor A Hunter of Idle Workstations. In Proceedings of the 8th International Conference of Distributed Computing Systems, pages 104–111, Palo Alto, CA, June 1988.
Sean Rhea, Dennis Geels, Timothy Roscoe, and John Kubiatowicz. Handling Churn in a DHT. In Proc. of the 2004 USENIX Annual Technical Conference, pages 127–140, Boston, Massachusetts, June 2004.
Ronald L. Rivest and Butler Lampson. SDSI – A simple distributed security infrastructure. Presented at CRYPTO’96 Rumpsession, 1996.
Altair Santin, Joni da Silva Fraga, Emerson Ribeiro de Mello, and Frank Siqueira. Extending the SDSI / SPKI Model through Federation Webs. In Communications and Multimedia Security (CMS2003), pages 132–145, Turim, Italy, January 2003.
Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, and Ronald L. Rivest. Certificate chain discovery in spki/sdsi. J. Comput. Secur., 9(4):285–322, 2001.
Raphael Y. de Camargo, Andrei Goldchleger, Marcio Carneiro, and Fabio Kon. Grid: An Architectural Pattern. In The 11th Conference on Pattern Languages of Programs (PLoP’2004), pages 337–356, Monticello, Illinois, USA, September 2004.
C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, Southwestern Bell, and T. Ylonen. SPKI Certificate Theory. Internet RFC 2693, 1999.
Ian Foster and Carl Kesselman. The Grid 2: Blueprint for a New Computing Infrastructure. Morgan Kaufmann Publishers Inc., 2003.
Andrei Goldchleger. Integrade: Um sistema de middleware para computação em grade oportunista. Dissertação de mestrado, IME/USP, December 2004.
Andrei Goldchleger, Fabio Kon, Alfredo Goldman vel Lejbman, and Marcelo Finger. InteGrade: Object-Oriented Grid Middleware Leveraging Idle Computing Power of Desktop Machines. In Proceedings of the ACM/IFIP/USENIX Middleware’2003 1st International Workshop on Middleware for Grid Computing, pages 232–234, Rio de Janeiro, Brazil, June 2003.
Krishna P. Gummadi, Stefan Saroiu, and Steven D. Gribble. King: Estimating Latency Between Arbitrary Internet End Hosts. In Proc. of the Second ACM SIGCOMM Workshop on Internet measurment, pages 5–18, New York, NY, USA, 2002.
Joseph Y. Halpern and Ron Van der Meyden. A logical reconstruction of spki. In CSFW ’01: Proceedings of the 14th IEEE Workshop on Computer Security Foundations, pages 59–70, Washington, DC, USA, 2001. IEEE Computer Society.
Jon Howell and David Kotz. A formal semantics for spki. In ESORICS’00: Proceedings of the 6th European Symposium on Research in Computer Security, pages 140–158, London, UK, 2000. Springer-Verlag.
Audun Jøsang. Artificial reasoning with subjective logic. In Second Australian Workshop on Commonsense Reasoning, Perth, Australia, 1997.
Audun Jøsang. An algebra for assessing trust in certification chains. In Network and Distributed Systems Security Symposium (NDSS 99), San Diego, USA, 1999. The Internet Society.
José De Ribamar Braga Pinheiro Júnior and Fabio Kon. Minicurso de Segurança em Grades Computacionais, chapter 2, pages 66–111. Simpósio Brasileiro de Segurança de Informação e de Sistemas Computacionais (SBSEG), September 2005.
Ninghui Li. Local names in SPKI/SDSI. In CSFW ’00: Proceedings of the 13th IEEE Computer Security Foundations Workshop (CSFW’00), pages 2–15, Washington, DC, USA, 2000. IEEE Computer Society.
Michael Litzkow, Miron Livny, and Matt Mutka. Condor A Hunter of Idle Workstations. In Proceedings of the 8th International Conference of Distributed Computing Systems, pages 104–111, Palo Alto, CA, June 1988.
Sean Rhea, Dennis Geels, Timothy Roscoe, and John Kubiatowicz. Handling Churn in a DHT. In Proc. of the 2004 USENIX Annual Technical Conference, pages 127–140, Boston, Massachusetts, June 2004.
Ronald L. Rivest and Butler Lampson. SDSI – A simple distributed security infrastructure. Presented at CRYPTO’96 Rumpsession, 1996.
Altair Santin, Joni da Silva Fraga, Emerson Ribeiro de Mello, and Frank Siqueira. Extending the SDSI / SPKI Model through Federation Webs. In Communications and Multimedia Security (CMS2003), pages 132–145, Turim, Italy, January 2003.
Publicado
28/08/2006
Como Citar
PINHEIRO JÚNIOR, José de R. B.; ROCHA, Vladimir Moreira; KON, Fabio.
Representando opiniões em cadeias de confiança SPKI/SDSI. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 6. , 2006, Santos.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2006
.
p. 264-277.
DOI: https://doi.org/10.5753/sbseg.2006.20954.
