Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
DOS-Resistant Authentication with Client Puzzles
Revised Papers from the 8th International Workshop on Security Protocols
X -TNL: An XML-based Language for Trust Negotiations
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
New client puzzle outsourcing techniques for DoS resistance
Proceedings of the 11th ACM conference on Computer and communications security
Adaptive trust negotiation and access control
Proceedings of the tenth ACM symposium on Access control models and technologies
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Hi-index | 0.00 |
In trust negotiation approaches to authorization, previously unacquainted entities establish trust in one another gradually via the bilateral and iterative exchange of policies and digital credentials. Although this affords resource providers with an expressive means of access control for open systems, the trust negotiation process incurs non-trivial computational and communications costs. In this paper, we propose Receipt-Mode Trust Negotiation (RMTN) as a means of mitigating the performance penalties on servers that use trust negotiation. RMTN provides a means of off-loading the majority of the trust negotiation process to delegated receipt-generating helper servers. RMTN ensures that helpers produce correct trust negotiation protocol receipts, and that the helpers are incapable of impersonating the resource server outside of the RMTN protocol. We describe an initial implementation of our RMTN protocol on a Linux testbed, discuss the security of this protocol, and present experimental results indicating that the receipt-mode protocol does indeed enhance the performance of resource servers that rely on trust negotiation approaches to authorization.