ABSTRACT
Automated trust negotiation is an approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. We introduce the concept of a trust negotiation protocol, which defines the ordering of messages and the type of information messages will contain. To carry out trust negotiation, a party pairs its negotiation protocol with a trust negotiation strategy that controls the exact content of the messages, i.e., which credentials to disclose, when to disclose them, and when to terminate a negotiation. There are a huge number of possible strategies for negotiating trust, each with different properties with respect to speed of negotiations and caution in giving out credentials and policies. In the autonomous world of the Internet, entities will want the freedom to choose negotiation strategies that meet their own goals, which means that two strangers who negotiate trust will often not use the same strategy. To date, only a tiny fraction of the space of possible negotiation strategies has been explored, and no two of the strategies proposed so far will interoperate. In this paper, we define a large set of strategies called the disclosure tree strategy (DTS) family. Then we prove that if two parties each choose strategies from the DTS family, then they will be able to negotiate trust as well as if they were both using the same strategy. Further, they can change strategies at any point during negotiation. We also show that the DTS family is closed, i.e., any strategy that can interoperate with every strategy in the DTS family must also be a member of the DTS family. We also give examples of practical strategies that belong to the DTS family and fit within the TrustBuilder architecture and protocol for trust negotiation.
CITED BY 19
Ernesto Damiani , De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati , Fabio Violante, A reputation-based approach for choosing reliable resources in peer-to-peer networks, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA
Jun Noda , Mie Takahashi , Itaru Hosomi , Hisashi Mouri , Yoshiaki Takata , Hiroyuki Seki, Integrating presence inference into trust management for ubiquitous systems, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Oluwafemi Ajayi , Richard Sinnott , Anthony Stell, Dynamic trust negotiation for flexible e-health collaborations, Proceedings of the 15th ACM Mardi Gras conference: From lightweight mash-ups to lambda grids: Understanding the spectrum of distributed computing requirements, applications, tools, infrastructures, interoperability, and the incremental adoption of key capabilities, January 29-February 03, 2008, Baton Rouge, Louisiana
Mateus B. Costa , Rodolfo F. Resende , Eduardo F. Nakamura , Marcelo V. Segatto, Software frameworks for information systems integration based on web services, Proceedings of the 2008 ACM symposium on Applied computing, March 16-20, 2008, Fortaleza, Ceara, Brazil
Sabrina De Capitani di Vimercati , Sara Foresti , Sushil Jajodia , Stefano Paraboschi , Gerardo Pelosi , Pierangela Samarati, Preserving confidentiality of security policies in data outsourcing, Proceedings of the 7th ACM workshop on Privacy in the electronic society, October 27-27, 2008, Alexandria, Virginia, USA