Content-triggered trust negotiation

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Content-triggered trust negotiation

Full text

Pdf (815 KB)

Source

ACM Transactions on Information and System Security (TISSEC) archive
Volume 7 , Issue 3 (August 2004) table of contents

Pages: 428 - 456

Year of Publication: 2004

ISSN:1094-9224

Authors

Adam Hess	Brigham Young University, Provo, UT
Jason Holt	Brigham Young University, Provo, UT
Jared Jacobson	Brigham Young University, Provo, UT
Kent E. Seamons	Brigham Young University, Provo, UT

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 15, Downloads (12 Months): 112, Citation Count: 3

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1015040.1015044 What is a DOI?

ABSTRACT

The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources is usually static, and an access control policy associated with each resource specifies who is authorized to access the resource. In this article, we turn the traditional client/server access control model on its head and address how to protect the sensitive content that clients disclose to and receive from servers. Since client content is often dynamically generated at run-time, the usual approach of associating a policy with the resource (content) a priori does not work. We propose a general-purpose access control model designed to detect whenever sensitive information is being transmitted, and determine whether the sender or receiver is authorized. The model identifies sensitive content, maps the sensitive content to an access control policy, and establishes the trustworthiness of the sender or receiver before the sensitive content is disclosed or received. We have implemented the model within TrustBuilder, an architecture for negotiating trust between strangers based on properties other than identity. The implementation targets open systems, where clients and servers do not have preexisting trust relationships. The implementation is the first example of content-triggered trust negotiation. It currently supports access control for sensitive content disclosed by web and email clients.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Elisa Bertino , Silvana Castano , Elena Ferrari, On specifying security policies for web documents with an XML-based language, Proceedings of the sixth ACM symposium on Access control models and technologies, p.57-65, May 2001, Chantilly, Virginia, United States [doi>10.1145/373256.373264]
	2	Piero Bonatti , Pierangela Samarati, Regulating service access and information release on the Web, Proceedings of the 7th ACM conference on Computer and communications security, p.134-143, November 01-04, 2000, Athens, Greece [doi>10.1145/352600.352620]
	3	Dan Boneh , Matthew K. Franklin, Identity-Based Encryption from the Weil Pairing, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.213-229, August 19-23, 2001
	4	David W. Chadwick , Alexander Otenko, The PERMIS X.509 role based privilege management infrastructure, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA [doi>10.1145/507711.507732]
	5	Dierks, T. and Allen, C. 1999. The TLS protocol, version 1.0. Available at http://www.ietf.org/ rfc/rfc2246.txt.
	6	Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and Berners-Lee, T. 1999. Hypertext transfer protocol---HTTP/1.1. RFC 2616.
	7	Amir Herzberg , Yosi Mass , Joris Michaeli , Yiftach Ravid , Dalit Naor, Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.2, May 14-17, 2000
	8	Hess, A. 2003. Content-Triggered Trust Negotiation. M.S. thesis, Computer Science Department, Brigham Young University.
	9	Hess, A., Jacobson, J., Mills, H., Wamsley, R., Seamons, K. E., and Smith, B. 2002. Advanced client/server authentication in TLS. In Network and Distributed System Security Symposium, San Diego, CA. 203--214.
	10	Jason E. Holt , Robert W. Bradshaw , Kent E. Seamons , Hilarie Orman, Hidden Credentials, Proceedings of the 2003 ACM workshop on Privacy in the electronic society, October 30, 2003, Washington, DC [doi>10.1145/1005140.1005142]
	11	International Telecommunication Union 1997. Rec. X.509---Information Technology---Open Systems Interconnection---The Directory: Authentication Framework. International Telecommunication Union.
	12	Jacobson, J. 2003. Trust Negotiation in Session-Layer Protocols. M.S. thesis, Computer Science Department, Brigham Young University.
	13	Lalana Kagal , Tim Finin , Anupam Joshi, A Policy Language for a Pervasive Computing Environment, Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, p.63, June 04-06, 2003
	14	Kagal, L., Finin, T., and Joshi, A. 2003. A policy based approach to security to the semantic web. In 2nd International Semantic Web Conference, Sanibel Island, FL.
	15	Ninghui Li , John C. Mitchell , William H. Winsborough, Design of a Role-Based Trust-Management Framework, Proceedings of the 2002 IEEE Symposium on Security and Privacy, p.114, May 12-15, 2002
	16	Liberty Alliance Project. Available at http://www.projectliberty.org 2002. http://www.projectliberty. org.
	17	Yasushi Ogawa , Tetsuya Morita , Kiyohiko Kobayashi, A fuzzy document retrieval system using the keyword connection matrix and a learning method, Fuzzy Sets and Systems, v.39 n.2, p.163-179, Jan. 25, 1991 [doi>10.1016/0165-0114(91)90210-H]
	18	Postel, J. 1982. Simple Mail Transfer Protocol. RFC 821.
	19	SSL and TLS: designing and building secure systems, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2001
	20	G. Salton , M. E. Lesk, Computer Evaluation of Indexing and Text Processing, Journal of the ACM (JACM), v.15 n.1, p.8-36, Jan. 1968 [doi>10.1145/321439.321441]
	21	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996 [doi>10.1109/2.485845]
	22	Seamons, K. E., Winslett, M., and Yu, T. 2001. Limiting the disclosure of access control policies during automated trust negotiation. In Network and Distributed System Security Symposium, San Diego, CA. 109--124.
	23	K. Seamons , M. Winslett , T. Yu , B. Smith , E. Child , J. Jacobson , H. Mills , L. Yu, Requirements for Policy Languages for Trust Negotiation, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.68, June 05-07, 2002
	24	Seamons, K. E., Winslett, M., Yu, T., Yu, L., and Jarvis, R. 2002. Protecting privacy during on-line trust negotiation. In 2nd Workshop on Privacy Enhancing Technologies. Springer-Verlag, San Francisco, CA, 129--143.
	25	Shin, D., Ahn, G., and Cho, S. 2002. Role-based EAM using X509 attribute certificate. In 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, University of Cambridge, United Kingdom.
	26	Tonti, G., Bradshaw, J. M., Jeffers, R., Montanari, R., Suri, N., and Uszok, A. 2003. Semantic web languages for policy representation and reasoning: A comparison of Kaos, Rei, and Ponder. In 2nd International Semantic Web Conference, Sanibel Island, FL.
	27	A. Uszok , J. Bradshaw , R. Jeffers , N. Suri , P. Hayes , M. Breedy , L. Bunch , M. Johnson , S. Kulkarni , J. Lott, KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction, and Enforcement, Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, p.93, June 04-06, 2003
	28	W3C, http://www.w3.org/TR/WD-P3P/Overview.html. Platform for Privacy Preferences (P3P) Specification. W3C, http://www.w3.org/TR/WD-P3P/Overview.html.
	29	N. Li , W. Winsborough, Towards Practical Automated Trust Negotiation, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.92, June 05-07, 2002
	30	Winsborough, W. H., Seamons, K. E., and Jones, V. E. 2000. Automated trust negotiation. In DARPA Information Survivability Conference and Exposition, Vol. I. IEEE Press, Hilton Head, SC, 88--102.
	31	Marianne Winslett , Ting Yu , Kent E. Seamons , Adam Hess , Jared Jacobson , Ryan Jarvis , Bryan Smith , Lina Yu, Negotiating Trust on the Web, IEEE Internet Computing, v.6 n.6, p.30-37, November 2002 [doi>10.1109/MIC.2002.1067734]
	32	Ting Yu , Marianne Winslett , Kent E. Seamons, Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation, ACM Transactions on Information and System Security (TISSEC), v.6 n.1, p.1-42, February 2003 [doi>10.1145/605434.605435]

CITED BY 3

	Adam J. Lee , Marianne Winslett , Jim Basney , Von Welch, Traust: a trust negotiation-based authorization service for open systems, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
	Adam J. Lee , Marianne Winslett , Jim Basney , Von Welch, The Traust Authorization Service, ACM Transactions on Information and System Security (TISSEC), v.11 n.1, p.1-33, February 2008
	Abhilasha Bhargav-Spantzel , Anna C. Squicciarini , Elisa Bertino, Trust Negotiation in Identity Management, IEEE Security and Privacy, v.5 n.2, p.55-63, March 2007