Towards Practical Automated Trust Negotiation

Authors: William H. Winsborough and Ninghui Li

Abstract:

Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access control policies. Existing ATN work makes unrealistic simplifying assumptions about credential-representation languages and credential storage. Moreover, while existing work protects the transmission of credentials, it fails to hide the contents of credentials, thus providing uncontrolled access to potentially sensitive attributes. To protect information about sensitive attributes, we introduce the notion of attribute acknowledgment policies (Ack policies). We then introduce the trust target graph (TTG) protocol, which supports a more realistic credential language, Ack policies, and distributed storage of credentials.

Reference:
In Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks, pages 92-103. IEEE Computer Society Press, June 2002.

BibTeX Data:

@InProceedings{WL02a,
  author =       "William H. Winsborough and Ninghui Li",
  title =        "Towards Practical Automated Trust Negotiation",
  booktitle =    "Proceedings of the Third International Workshop on Policies for
                 Distributed Systems and Networks (Policy 2002)",
  year =         "2002",
  pages =        "92--103",
  month =        jun,
  publisher =    "IEEE Computer Society Press",
}
