Laboratorium - Winter Semester 2003 / 2004

 

Eric Knauss

CREDENTIALS IN AUTOMATED TRUST NEGOTIATION (ATN)

This workplan correspond to a Winter Semester Research program where students choose a topic and they should investigate on it. It is composed of 7 milestones where they have to learn about the state of the art in the topic selected achieving some goals and they have to present a final work at the end.

When a transaction between two entities needs to be done, both entities will need some information from the other party. While current approaches relies on the client/server approach where one of the two entities is registered on the other, Automated Trust Negotiation denotes the process where both parties ask and disclose information whenever it is needed according to their own policies.

The chosen topic consists on the extension with credentials of the current prototype in Automated Trust Negotiation where the credentials are only simulated.

The main goals of this work are:

  • Introduction to Semantic Web & Security Technologies
  • XML Signature standards
  • Java Cryptography
  • P2P Networks
  • Introduction to one of the most recent topics in security and access control: ATN

WORKPLAN

10/12/2003-16/12/2003 - Semantic Web Introduction
 

Basic papers

  Optional:
  Useful links:
  1st milestone: 16/12/2003 - Small report of articles read
  Meeting: 17/12/2003 11:00
   
16/12/2003-23/12/2003 - Security Technologies and P2P Networks Introduction
 
  2nd milestone: 23/12/2003 - Small report of articles read
   
23/12/2003-06/01/2004 - Java Security Introduction
 
  Optional:
  Digital signatures management need to be implemented in Java. Here it is needed to decide which package would be better to use. Sun provides the JCE (but I am not sure it uses XML signatures) but there are other possibilities (maybe with XML Signatures that is a standard).
  3rd milestone: 06/01/2004 - Examples in java using knowledge adquired
  Meeting: 09/01/2004 11:00
   
06/01/2004-13/01/2004 - Introduction to ATN
 
 
  • Download the prototype
  • Understand the java and prolog code
  • Play with examples
  4th milestone: 13/01/2004 - Small report about articles read and examples in the prototype
  Meeting: 15/01/2004 13:00
 
13/01/2004-20/01/2004 - Credentials Extension Development (I)
  Create a library in Java with methods for the following tasks:
  • Read credential: the different parts of the credential are extracted
  • Write credential: a local statement is written as a credential with the own private key
  • Verify credential: a given credential is checked
  • Create list of credentials: each credential statement is written in prolog predicates
 
20/01/2004-27/01/2004 - Credentials Extension Development (& II)
  5th milestone: 27/01/2004 - Test examples where the library is used and tested
   
27/01/2004-03/02/2004 - Integration of the Credential Library into Prototype (I)
  Use the developed library in the current prototype to use real credentials instead of text statements.
  Meeting: - 30/01/2004 10:00
   
03/02/2004-10/02/2004 - Integration of the Credential Library into Prototype (II)
  6th milestone: 10/02/2004 - Prototype working with real credentials
  Meeting: - 11/02/2004 10:00
   
10/02/2004-17/02/2004 - Integration of the Credential Library into Prototype (& III)
  Meeting: - 18/02/2004 10:00
   
17/02/2004-24/02/2004 - Test of the prototype
  As in any project the result has to be tested. The prototype has to be tested with different scenarios
  7th milestone: 17/02/2004 - Document with tests and results
  Meeting: 22/02/2004 15:00
   
Final report
 

Last update on 06-May-2004 4:55 PM Home