A non-repudiable negotiation protocol for security service level agreements

J. Kannisto, T. Takahashi, J. Harju, S. Heikkinen, M. Helenius, S. Matsuo, B. Silverajan

    Tutkimustuotos: ArtikkeliScientificvertaisarvioitu

    3 Sitaatiot (Scopus)

    Abstrakti

    Security service level agreements (SSLAs) provide a systematic way for end users at home or in the office to guarantee sufficient security level when doing business or exchanging sensitive personal or organizational data with an online service. In this paper, we propose an SSLA negotiation protocol that implements non-repudiation with cryptographic identities and digital signatures and includes features that make it resistant to denial of service attacks. The basic version of the protocol does not rely on the use of a trusted third party, and it can be used for all kinds of simple negotiations. For the negotiation about SSLAs, the protocol provides an option to use an external knowledge base that may help the user in the selection of suitable security measures. We have implemented a prototype of the system, which uses JSON Web Signature for the message exchange and made some performance tests with it. The results show that the computational effort required by the cryptographic operations of the negotiation protocol remains at a reasonable level.

    AlkuperäiskieliEnglanti
    Sivut2067-2081
    Sivumäärä15
    JulkaisuInternational Journal of Communication Systems
    Vuosikerta28
    Numero15
    DOI - pysyväislinkit
    TilaJulkaistu - 1 lokak. 2015
    OKM-julkaisutyyppiA1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä

    Julkaisufoorumi-taso

    • Jufo-taso 1

    !!ASJC Scopus subject areas

    • Electrical and Electronic Engineering
    • Computer Networks and Communications

    Sormenjälki

    Sukella tutkimusaiheisiin 'A non-repudiable negotiation protocol for security service level agreements'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

    Siteeraa tätä