Secure trust negotiation system for grid computing

Grid technology promotes resource sharing and collaboration over wide area network. However, service providers and requestors are always located in different secure domains in grid environment. How to establish trust between strangers without prior relationship has become a pressing problem. A system named secure trust negotiation system was designed and implemented, which depends on the trust management infrastructure, establishes trust between strangers with iterative disclosure of credentials and access control policies and can protect participants' private information. A sort of attributed-based authorization credential and access control policy was adopted. A novel algorithm for compliance checker of credentials and access policies was carefully designed, which can be used to generate all the minimal satisfied sets of credentials, so that the trust relationship existed in theory can be established automatically. During the process of trust negotiation using this system, secure transmission of credentials disclosed was ensured by other subsystems of CROWN. Through the application in CROWN grid, it shows contributions to the automated trust establishment and privacy protection.