REFEREE: trust management for Web applications
Selected papers from the sixth international conference on World Wide Web
A new public key cryptosystem based on higher residues
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Privacy-preserving k-means clustering over vertically partitioned data
Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Responding to Policies at Runtime in TrustBuilder
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Hidden access control policies with hidden credentials
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
OACerts: Oblivious Attribute Certificates
IEEE Transactions on Dependable and Secure Computing
New foundations for efficient authentication, commutative cryptography, and private disjointness testing
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Private Information: To Reveal or not to Reveal
ACM Transactions on Information and System Security (TISSEC)
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Point-based trust: define how much privacy is worth
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Efficient k-out-of-n oblivious transfer schemes with adaptive and non-adaptive queries
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
On private scalar product computation for privacy-preserving data mining
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Hi-index | 0.00 |
Distributed and open environments require flexible, scalable and extendible trust verification mechanisms to access resources. To address this, the use of digital credentials as a means for making access decisions has been promoted. The resource owner needs to verify if the requester's credentials satisfy the security policy of the owner. However, such verification becomes a challenging problem when either the requester does not wish to disclose her credentials before the verification is complete, or the owner wishes to keep its security policy confidential from the requester, or both. In addition, the requester may associate a score to each of her credentials based on her perceived level of privacy. Earlier proposals to address this problem limit the owners policy to be a set of credentials. However, real world policies are more complex than a simple set. In this paper, we present three alternative privacy preserving trust verification solutions that protect both the owner's policy and requester's credentials, while at the same time allowing more expressive owner's policies that can be specified as a tree structure. We analyze their computational complexity, communication cost and the amount of disclosure.