A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Trust Management and Network Layer Security Protocols
Proceedings of the 7th International Workshop on Security Protocols
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Distributed credential chain discovery in trust management
Journal of Computer Security
Small worlds in security systems: an analysis of the PGP certificate graph
Proceedings of the 2002 workshop on New security paradigms
Oblivious signature-based envelope
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Requirements for Policy Languages for Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
KNOW Why your access was denied: regulating feedback for usable security
Proceedings of the 11th ACM conference on Computer and communications security
OACerts: oblivious attribute certificates
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
A new approach to hide policy for automated trust negotiation
IWSEC'06 Proceedings of the 1st international conference on Security
Hi-index | 0.00 |
Compliance checker is an important component for automated trust negotiation (ATN) to examine whether the credentials match the access control policies. A good design for compliance checker helps to speed up trust establishment between parties during the negotiation, and can also improve negotiation efficiency. Unfortunately, it has been noted that compliance checker has got little attention in design and implementation. On the contrary, more work has been spent on the algorithms on how to protect sensitive information. A RT0 based compliance checker (RBCC) model for ATN is presented in this paper. We give its architecture and workflow, and illustrate how it works through a practical example. The case study shows that the model satisfies compliance checker's basic requirements and provides good information feedback mechanism to protect sensitive information.