A new approach to hide policy for automated trust negotiation

Authors:
Hai Jin;Zhensong Liao;Deqing Zou;Weizhong Qiang
Affiliations:
Cluster and Grid Computing Lab, Huazhong University of Science and Technology, Wuhan, China;Cluster and Grid Computing Lab, Huazhong University of Science and Technology, Wuhan, China;Cluster and Grid Computing Lab, Huazhong University of Science and Technology, Wuhan, China;Cluster and Grid Computing Lab, Huazhong University of Science and Technology, Wuhan, China
Venue:
IWSEC'06 Proceedings of the 1st international conference on Security
Year:
2006

Citing 13
Cited 2

Regulating service access and information release on the Web

Proceedings of the 7th ACM conference on Computer and communications security
PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet

Proceedings of the 7th ACM conference on Computer and communications security
Protecting sensitive attributes in automated trust negotiation

Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A Unified Scheme for Resource Protection in Automated Trust Negotiation

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Oblivious signature-based envelope

Proceedings of the twenty-second annual symposium on Principles of distributed computing
Towards Practical Automated Trust Negotiation

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Automated trust establishment in open systems

Automated trust establishment in open systems
Hidden Credentials

Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Hidden access control policies with hidden credentials

Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Concealing complex policies with hidden credentials

Proceedings of the 11th ACM conference on Computer and communications security
OACerts: oblivious attribute certificates

ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Privacy-Preserving trust negotiations

PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies

A Formal Framework for Expressing Trust Negotiation in the Ubiquitous Computing Environment

UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
A RT0-based compliance checker model for automated trust negotiation

PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Automated trust negotiation (ATN) is an important approach to establish trust between strangers through the exchange of credentials and access control policies. In practice, access control policy may contain sensitive information. The negotiation process becomes complicated when the access control policy is designed complex in order to avoid information leakage. Furthermore, if the access control policy has conflicts or cycles, normal negotiation strategies often fail. In this paper, a new approach to hide access control policy is proposed based on the study on the existing problems. In the approach, the policy consistency is checked so as to detect policy conflicts. 0-1 table is used to implement it as well as discover minimal credential-set. Meanwhile, a practical example shows that the approach is suitable and can effectively protect sensitive information in access control policy.