The lack of available identity information in attribute-based trust management systems complicates the design of the audit and incident response systems, anomaly detection algorithms, collusion detection/prevention mechanisms, and reputation systems taken for granted in traditional distributed systems. In this paper, we show that as two entities in an attribute-based trust management system interact, each learns one of a limited number of virtual fingerprints describing their communication partner. We show that these virtual fingerprints can be disclosed to other entities in the open system without divulging any attribute or absolute-identity information, thereby forming an opaque pseudo-identity that can be used as the basis for the above-mentioned types of services. We explore the use of virtual fingerprints as the basis of Xiphos, a system that allows reputation establishment without requiring explicit knowledge of entities' civil identities. We discuss the trade-off between privacy and trust, examine the impacts of several attacks on the Xiphos system, and discuss the performance of Xiphos in a simulated grid computing system.