论文信息 - Towards practical automated trust negotiation

Towards practical automated trust negotiation

Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access control policies. Existing ATN work makes unrealistic simplifying assumptions about credential-representation languages and credential storage. Moreover while existing work protects the transmission of credentials, it fails to hide the contents of credentials, thus providing uncontrolled access to potentially sensitive attributes. To protect information about sensitive attributes, we introduce the notion of attribute acknowledgment policies (Ack policies). We then introduce the trust target graph (TTG) protocol, which supports a more realistic credential language, Ack policies, and distributed storage of credentials.

Ninghui Li | William H. Winsborough | Ninghui Li | W. Winsborough

[1] J. Feigenbaum,et al. The KeyNote trust management system version2, IETF RFC 2704 , 1999 .

[2] Ronald L. Rivest,et al. Certificate Chain Discovery in SPKI/SDSI , 2002, J. Comput. Secur..

[3] Butler W. Lampson,et al. SPKI Certificate Theory , 1999, RFC.

[4] Ninghui Li,et al. Distributed credential chain discovery in trust management: extended abstract , 2001, CCS '01.

[5] Ninghui Li,et al. RT: a Role-based Trust-management framework , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[6] Pierangela Samarati,et al. Regulating service access and information release on the Web , 2000, CCS.

[7] Marianne Winslett,et al. Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation , 2001, NDSS.

[8] K.E. Seamons,et al. Automated trust negotiation , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[9] Amir Herzberg,et al. Access control meets public key infrastructure, or: assigning roles to strangers , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[10] Marianne Winslett,et al. PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet , 2000, CCS.

[11] Marianne Winslett,et al. Interoperable strategies in automated trust negotiation , 2001, CCS '01.

[12] Joan Feigenbaum,et al. The KeyNote Trust-Management System Version 2 , 1999, RFC.