Decentralized Secure Interoperation in Multi-Domain Environments

The current schemes for security interoperation in multi-domain environments are in a centralizedway, which makes security interoperation hard to be scaledup. And these schemes do not deal well with policy evolution and thus cannot be applied in dynamic environments.In this paper, we present a scheme for secure interoperation in a decentralized way. First, we present a decentralized multi-domain policy model, representing the elementsand characters of the policies kept by each domain. Thenwe give distributed algorithms for creating or maintainingsuch policies, including algorithms for the initialization ofpolicy interoperation and for policy evolution respectively.Our scheme is easy to be scaled up and appropriate for thedynamic environments where policy evolution happens often.