查看文章

This paper proposes a mechanism that realizes accountable security using a security service level agreement (SSLA), which defines the security level of a service agreed to between a user and service provider. The mechanism consists of three major components: security expression, translation, and negotiation techniques. The security expression technique provides a means to describe security requirements and capabilities of a user and service provider, as well as the SSLA between them, in different levels of detail. The translation technique provides a means to translate such information among different levels of detail, and the negotiation technique provides a means to negotiate and agree upon the SSLA between the user and service provider. Both the user and service provider need to be accountable and non-repudiable against the agreed to SSLA in order to empower it. The mechanism uses cryptographic …