Premium
A non‐repudiable negotiation protocol for security service level agreements
Author(s) -
Kannisto J.,
Takahashi T.,
Harju J.,
Heikkinen S.,
Helenius M.,
Matsuo S.,
Silverajan B.
Publication year - 2015
Publication title -
international journal of communication systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.344
H-Index - 49
eISSN - 1099-1131
pISSN - 1074-5351
DOI - 10.1002/dac.2856
Subject(s) - computer science , computer security , cryptographic protocol , protocol (science) , negotiation , credential , json , denial of service attack , service (business) , security service , digital signature , cryptography , cryptographic primitive , computer network , hash function , world wide web , information security , the internet , medicine , alternative medicine , economy , pathology , political science , law , economics
Summary Security service level agreements (SSLAs) provide a systematic way for end users at home or in the office to guarantee sufficient security level when doing business or exchanging sensitive personal or organizational data with an online service. In this paper, we propose an SSLA negotiation protocol that implements non‐repudiation with cryptographic identities and digital signatures and includes features that make it resistant to denial of service attacks. The basic version of the protocol does not rely on the use of a trusted third party, and it can be used for all kinds of simple negotiations. For the negotiation about SSLAs, the protocol provides an option to use an external knowledge base that may help the user in the selection of suitable security measures. We have implemented a prototype of the system, which uses JSON Web Signature for the message exchange and made some performance tests with it. The results show that the computational effort required by the cryptographic operations of the negotiation protocol remains at a reasonable level. Copyright © 2014 John Wiley & Sons, Ltd.