Monday 29th March

Provisional programme

Tuesday 30 March 2004

Wednesday 31 March 2004

Thursday 1 April 2004

Programme of tutorials

There will be a full day tutorial on Monday 29th March, titled Supporting Trust Management in Virtual Organisations

and a half day tutorial on Thursday 1st April, titled Trust Management for Credential Based Access Control

For details of these tutorials, see below.

Monday 29 March 2004

Supporting Trust Management in Virtual Organisations (Full day)

Coordinator: Brian Matthews, CCLRC UK.

Presenter: Babak Sadighi, SICS, Sweden.
Presenter: Emil Lupu, Imperial College, London, UK.
Presenter: David Chadwick, University of Salford, UK.
Presenter: Joris Claessens, Microsoft, Germany.
Presenter: Jakka Sairamesh, IBM, USA.

Overview

Virtual organisations over open distributed systems have been proposed as the mechanism for supporting collaborative working across enterprises. However, this vision will only come about if enterprises and individuals are confident that it will deliver services 'as advertised', not only in terms of functionality but also in the behaviour of participating agents.

In this tutorial, we offer a series of five independent tutorials of upto one and a half hours each, linked by being key enabling technologies for delivering a secure and reliable virtual organisations. The target audience would be developers and researchers who are interesting in exploring and implementing the future development of virtual organisations and would like to know the status of the current generation of enabling technologies. The aim would be to give a detailed overview of how such collaborative environments can be made secure.

This series of linked tutorials is sponsored by the EC FP6 project TrustCom, investigating delivering trustworthy virtual organisations.

Programme

Delegent, Babak Sadighi

Delegent is a software product developed at the Swedish Institute of Computer Science (SICS) based on results from several years of research on administration of authorization.

The core of Delegent is a delegation mechanism that can be used to create and revoke authorizations both at the access level and at the administrative level. While a more decentralized administration of authorizations is necessary, it is equally important to maintain a degree of centralized control to prevent rights from spreading in an uncontrolled manner. The goal and the challenge of Delegent has been to develop a model for decentralized authorization management, where the control of the spreading of rights is maintained, and even improved, compared with existing centralized authorization administration models.

In this tutorial, we will present the theory behind Delegent, how it is implemented and it is used in a case study for managing computational resources in a virtual organisation.

Ponder and Sultan, Emil Lupu

This section of the tutorial will present the Ponder policy framework and the Sultan trust management framework developed at Imperial College London. The Sultan framework provides the means to specify, analyse and evaluate trust relationships in Internet applications. The Ponder Policy Framework (see http://www-dse.doc.ic.ac.uk/policies) provides a declarative, object-oriented language for specifying both security and management policies. It supports a rich set of constructs for grouping policies in roles, relationships and management structures. The tutorial will cover the main priciples underpinning the Ponder framework and issues relating to policy specification, deployment and enforcement as well as conflict detection and policy analysis.

Permis, David Chadwick

PERMIS is a policy controlled role based Privilege Management Infrastructure (PMI). A PMI provides mechanisms for allocating privileges to users (in the case of PERMIS these are roles, stored in digitally signed X.509 attribute certificates), and for controlling access to resources based on a policy and the user's privileges. This tutorial will explain the design and contents of the PERMIS PMI, and will demonstrate the various components of the infrastructure to the audience. PERMIS is written in Java, and is part of the US NSF Middleware Initiative software distribution.

Web Service Security, Joris Claessens

Web Services provide an interoperable framework between software components that can communicate between different companies and organizations, while possibly residing on different platforms and infrastructures. As such, Web Services constitute the ideal framework for collaboration within a virtual organization across enterprises. It is however essential that the services are provided in a secure and reliable way, and that they support transactions. Specifications for secure, reliable, and transacted web services have been and are being developed by IBM, Microsoft, and others. This session will focus on the security part and give an in-depth overview of the current Web Services Security specifications, and how they relate to trust management in virtual organizations.

Web Services Components, Jakka Sairamesh

This tutorial will address aspects related to transactioning and contracting using Web Services, including Web Service Level Agreement and Web Service transactioning. The Web Service Level Agreement (WSLA) project addresses service level management issues and challenges in a Web Services environment on SLA specification, creation and monitoring. Transactions refer to all discreet tasks that must be performed in unison to accomplish a goal. Transactions may involve tasks that are done by one or more participant. With the advent of the Internet and Web services, the scenario that is emerging requires involvement of participants unknown to each other in distributed transactions. We will take a closer look at the characteristics of "Traditional transactions" and "Transactions in a Web services context" as exemplified by the WS-transaction proposal by IBM, Microsoft, and BEA.

Biographies of Presenters

Babak Sadighi

Babak Sadighi is a senior researcher at Swedish Institute of Computer Science (SICS). He is leading the Policy Based Reasoning group at SICS which is doing research in the areas of authorisation, trust and contract management.

Emil Lupu

Dr. Emil Lupu (www-dse.doc.ic.ac.uk/~ecl1/) obtained his Diplôme d'Ingénieur from the ENSIMAG, France and his Ph.D. from Imperial College London. He is currently a lecturer in the Department of Computing at Imperial College London where he leads several research projects on policy-based management, autonomic computing, pervasive systems and distributed systems management. His research interests include design, security and mobility issues in large distributed systems. Dr. Lupu is a member of the steering committee for the IEEE Workshop on Policies for Distributed Systems and Networks and has served on a number of conference program committees in network and systems management (DSOM 1999-2003, IM 1999-2003, NOMS 2000-2004), distributed acess control (RBAC 1998-2000) and enterprise distributed systems (EDOC 2001-2004).

David Chadwick

David Chadwick is Professor of Information Systems Security at the University of Salford. He specialises in LDAP, X.509 Public Key Infrastructure and Privilege Management Infrastructure related issues, and how these might be used to convert traditional processes and applications to run securely over the Internet. Particulars topics of current interest include policy based authorisation, the management of trust and the delegation of authority. He actively participates in standardisation activities, and is the author of a number of Internet Drafts and RFCs

Joris Claessens

Dr. Joris Claessens is since June 2003 a Program Manager in the European Microsoft Innovation Center (EMIC), Aachen, Germany. He received the degree of Electrical Engineering (Telecommunications) from the Katholieke Universiteit Leuven, Belgium in July 1997, with a Master's thesis addressing the "Security of the World Wide Web". In December 2002, he obtained a Ph.D. in Applied Sciences from the same institute. His Ph.D. thesis dealt with the "Analysis and design of an advanced infrastructure for secure and anonymous electronic payment systems on the Internet". From September 1997 till May 2003, he was a researcher in the COmputer Security and Industrial Cryptography (COSIC) research group, where he specialized in security and privacy in electronic applications and services, and the underlying cryptographic mechanisms. He was involved in academic research as well as in research projects and consulting.

Jakka Sairamesh

Dr. Jakka Sairamesh is a recognized Researcher in Trust Management and has been actively involved in the design and implementation in almost all IBM e-Commerce Products. Dr. Jakka Sairamesh is a senior research staff member in IBM Watson Research, Hawthorne. He obtained his M.S. and M. Phil. from Columbia University in 1991 and Ph. D. from Columbia University in 1995. Since then he has been working with IBM Research (Institute for Advanced Commerce) on electronic commerce platforms, trading systems, mobile commerce, information economies, internet economics and distributed systems. He has published numerous papers on e-business platforms, trading systems, distributed systems, auctions, price-dynamics, digital libraries and market-based control. He also played a role as an architect from Research for IBM's B2B products such as Websphere Marketplace Edition and Websphere Business Edition. He currently is a project manager of projects in the areas of e-business platforms, advanced contracts, trading systems and mobile e-business

Tutorial sponsored by TrustCom Integrated Project

Thursday 1st April

Trust Management for Credential Based Access Control (Half Day, pm)

Presenter: Dr. Yücel Karabulut SAP Corporate Research

Abstract

For distributed computing systems, specification and enforcement of permissions can be based on a public key infrastructure (PKI) which deals with public keys for asymmetric cryptography. This tutorial explains how asymmetric cryptography can be used for trust management in open computing systems and emerging applications. The tutorial introduces concepts of PKI and credential based access control, presents current PKI models and trust management approaches, which are classified as based on trusted authorities with licencing and dealing with free properties (characterizing attributes of entities, including identities), e.g. X.509, or based on owners with delegation dealing with bound properties (promises to get a specific service, including capabilities), e.g. SPKI/SDSI. A brief overview of a hybrid PKI model, which extends and unifies current PKI models, followed by a more detailed overview of protocols, and appropriate subprotocols or degenerated variants, to convert free properties into bound properties will give participants practical knowledge necessary for applying different trust management approaches to new applications. This tutorial presents such protocols in the context of secure mediated interactions between information seeking clients and information offering sources, which might appear to each other as strangers acting in heterogeneous and autonomous security domains. We present also a reference implementation of the hybrid PKI model and secure mediation. We conclude the tutorial by presenting the fundamentals of wireless PKI for mobile applications and the basics of Web Services security specification with an emphasis on trust management.

Content

• Fundamentals of public key cryptographyContent
• Fundamentals of public key cryptography
• Fundamentals of PKI (property assignment, trust evaluation, etc.)
• Credential based access control
• PKI models and Trust Management approaches
  • Model of trusted authorities and licencing
  • Model of owners and delegation o Hybrid PKI model
• Applications of Trust Management approaches
• A reference implementation
• Fundamentals of wireless PKI and Web Services security

Necessary Background

Basic authentication and access control concepts

Target Audience

• Researchers and designers of e-commerce systems and applications
• Researchers and academics in computer science and security in general

Goal

The goal of the tutorial is to give attendees:

• An introduction to public key cryptography
• An understanding of credential based access control
• An understanding of current PKI models and trust management approaches
• An introduction to the hybrid PKI model, and how it can be applied to different applications
• An understanding of how a unifying trust management approach can be modelled and implemented
• An introduction to wireless PKI and Web Services security

Why attend this tutorial?

Security and trust form the core of any business transaction and quite obviously, this is true for emerging architectures and applications like Virtual Organisations and Grid computing where most transactions occur between strangers which do not share a common security domain. Strangers are willing to conduct secure business transactions electronically, with a trust that comes close to traditional face-to-face business interactions. Existing approaches, which are based on asymmetric cryptography, seem to fulfill the requirements of emerging architectures and applications. Most of the works investigating the application of asymmetric cryptography based access control treat existing trust management approaches and PKI models as competing technologies even as dueling theologies. We argue that dynamic computing environments need new trust management paradigms (e.g. hybrid PKI model) which unify and extend existing approaches. The business advantage of such paradigms is clear. By employing a unifying model, which provides a seamless interoperation between heterogeneous and autonomous security domains, organizations can broaden their potential customer base and collaborators base.

Biographies of Presenter

Dr. Yücel Karabulut is a member of the Pervasive Security Group at SAP Corporate Research in Karlsruhe. His main research interest is in trust management in open computing environments. He developed a hybrid PKI model and a trust management based security architecture for mediated information systems. He has a number of publications focusing on security issues in open, interoperable information systems. After earning his Ph.D. in Information Systems and Security at the University of Dortmund, he worked as a Postdoctoral Researcher at the same university. He received his MSc degree in computer science from the University of Dortmund and his BSc degree in computer engineering from the Ege University in Izmir.

Reference Material

1. J. Biskup and Y. Karabulut: A Hybrid PKI Model for Access Control in Distributed Systems with Mediation, submitted to a journal for publication.
2. Y. Karabulut: Developing a Trust Management Based Secure Interoperable Information System. In Special Session on Security and Privacy in E-Commerce within the 6th International Conference on Electronic Commerce Research, INFOMART, Dallas, October, 2003.
3. C. Altenschmidt, J. Biskup, U. Flegel and Y. Karabulut: Secure Mediation: Requirements, Design and Architecture. Journal of Computer Security, 11(3):365-398, July 2003.
4. Y. Karabulut: Implementation of an Agent-Oriented Trust Management Infrastructure Based on a Hybrid PKI Model. In 1st International Conference on Trust Management, LNCS 2692, pages 318-331, Crete, Greece, May 2003.
5. J. Biskup and Y. Karabulut: Mediating Between Strangers: A Trust Management Based Approach. In 2nd Annual PKI Research Workshop, pages 80-95, Gaithersburg, Maryland, USA, April 2003.
6. Y. Karabulut: Secure Mediation Between Strangers in Cyberspace, Ph.D. Thesis, University of Dortmund, 2002.
7. J. Biskup and Y. Karabulut: A Hybrid PKI Model with an Application for Secure Mediation. In 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England, pages 271-282, July 2002. Kluwer Academic Press.
8. C. Altenschmidt, J. Biskup and Y. Karabulut: Security Architecture of the Multimedia Mediator. In 14th Annual IFIP WG 11.3 Working Conference on Database Security, pages 77-87, Schoorl, Netherlands, Aug. 2000. Kluwer Academic Press.
9. Y. Karabulut: Credential Management for Secure Mediators. In 11th GI-Workshop on Foundations of Databases, pages 52-56, Luisenthal, Germany, May 1999.
10. C. Altenschmidt and Y. Karabulut: A Secure Object-Oriented Mediator: Two Challenges. In 3rd Workshop on Federated Databases, pages 65-80, Magdeburg, Germany, Dec. 1998. Shaker-Verlag.
11. J. Biskup, U. Flegel and Y. Karabulut: Towards Secure Mediation. In 1st Workshop on Security and Electronic Commerce, pages 93-106, Essen, Germany, Oct. 1998. Vieweg-Verlag.

Tutorial sponsored by TrustCom Integrated Project

Posters and demos

Demo 1: The CORAS tool for model-based security risk analysis

The CORAS tool is open source software for model-based security risk analysis, developed as part of the EU-funded CORAS project (IST-2000-25031). The tool facilitates integration of various system development and risk analysis methods and tools, such as UML CASE tools, HazOp analysis and Fault Tree analysis, through the use of open, standardised XML data formats. It contains a repository for analysis results and also supports reuse of results and experiences from previous analyses. An underlying meta-model for security risk analysis data provides support for consistency checking and automatic creation of analysis results based on previously recorded data. The demonstration will present the main functionality of the tool. We will also present the plans for future enhancements and development. 

 For more information about CORAS, see the webpage at http://coras.sourceforge.net/.