Home // SECURWARE 2012 , The Sixth International Conference on Emerging Security Information, Systems and Technologies // View article

Securing Policy Negotiation for Socio-Pervasive Business Microinteractions

Authors:
Mitja Vardjan
Miroslav Pavleski
Jan Porekar

Keywords: security; trust; policy agreement; policy negotiation.

Abstract:
In this paper, we study security of policy negotiation and policy-based agreements for emerging mobile based dynamic business environments that feature many previously unknown parties sharing services to each other in an ad hoc fashion. Signed agreements among parties are basic enablers of trust in such dynamic environments. Before a micro service or a 3rd party application can be consumed by an employee, a policy like Service Level Agreement (SLA) typically has to be agreed by the service consumer and service provider. Various types of policies have to be accepted also in other socially tailored use-cases, e.g., when an employee joins a community. To enable appropriate degree of trust, consumer privacy protection, as well as authenticity and non-repudiation of the final agreement, the policy negotiation process has to be secured. The security principles introduced in the paper are applicable to any kind of policy negotiation and selection where two entities are involved: the provider and the requester who need to establish trust between them. A simple but secure policy negotiation or selection is described, followed by description of its implementation on Android operating system. The interactions between the parties are minimized in order to boost usability and limit bandwidth usage in socio-pervasive environment.

Pages: 142 to 147

Copyright: Copyright (c) IARIA, 2012

Publication date: August 19, 2012

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-209-7

Location: Rome, Italy

Dates: from August 19, 2012 to August 24, 2012