XSB as an efficient deductive database engine
SIGMOD '94 Proceedings of the 1994 ACM SIGMOD international conference on Management of data
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet
Proceedings of the 7th ACM conference on Computer and communications security
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
The Logic Programming Paradigm: A 25-Year Perspective
The Logic Programming Paradigm: A 25-Year Perspective
A Flexible Security System for Using Internet Content
IEEE Software
Relying Party Credentials Framework
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Authorization and Attribute Certificates for Widely Distributed Access Control
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
IEEE Internet Computing
Protecting sensitive attributes in automated trust negotiation
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
An access control model for dynamic client-side content
Proceedings of the eighth ACM symposium on Access control models and technologies
Oblivious signature-based envelope
Proceedings of the twenty-second annual symposium on Principles of distributed computing
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
Trust-serv: model-driven lifecycle management of trust negotiation policies for web services
Proceedings of the 13th international conference on World Wide Web
Towards a credential-based implementation of compound access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Policy migration for sensitive credentials in trust negotiation
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Content-triggered trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Collaborative Automated Trust Negotiation in Peer-to-Peer Systems
P2P '04 Proceedings of the Fourth International Conference on Peer-to-Peer Computing
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
KNOW Why your access was denied: regulating feedback for usable security
Proceedings of the 11th ACM conference on Computer and communications security
IEEE Intelligent Systems
Policy-hiding access control in open environment
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
Preventing attribute information leakage in automated trust negotiation
Proceedings of the 12th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
Anonymous yet accountable access control
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Achieving Privacy in Trust Negotiations with an Ontology-Based Approach
IEEE Transactions on Dependable and Secure Computing
Supporting location-based conditions in access control policies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Traust: a trust negotiation-based authorization service for open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Oblivious signature-based envelope
Distributed Computing
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Safety and consistency in policy-based authorization systems
Proceedings of the 13th ACM conference on Computer and communications security
A survey of autonomic communications
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
OACerts: Oblivious Attribute Certificates
IEEE Transactions on Dependable and Secure Computing
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
A Negotiation Scheme for Access Rights Establishment in Autonomic Communication
Journal of Network and Systems Management
Managing Impacts of Security Protocol Changes in Service-Oriented Applications
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Trust Negotiation in Identity Management
IEEE Security and Privacy
Lightweight cnsistency enforcement schemes for distributed proofs with hidden subtrees
Proceedings of the 12th ACM symposium on Access control models and technologies
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
PP-trust-X: A system for privacy preserving trust negotiations
ACM Transactions on Information and System Security (TISSEC)
Harvesting credentials in trust negotiation as an honest-but-curious adversary
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Security-by-contract for web services
Proceedings of the 2007 ACM workshop on Secure web services
The Traust Authorization Service
ACM Transactions on Information and System Security (TISSEC)
Dynamic trust negotiation for flexible e-health collaborations
Proceedings of the 15th ACM Mardi Gras conference: From lightweight mash-ups to lambda grids: Understanding the spectrum of distributed computing requirements, applications, tools, infrastructures, interoperability, and the incremental adoption of key capabilities
Exploiting tourism destinations' knowledge in an RDF-based P2P network
Journal of Network and Computer Applications
International Journal of Web Engineering and Technology
A complete and efficient strategy based on petri net in automated trust negotiation
Proceedings of the 2nd international conference on Scalable information systems
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Interactive access control for autonomic systems: From theory to implementation
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Preserving confidentiality of security policies in data outsourcing
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Minimal credential disclosure in trust negotiations
Proceedings of the 4th ACM workshop on Digital identity management
Identity-based long running negotiations
Proceedings of the 4th ACM workshop on Digital identity management
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
A Novel Automated Trust Negotiation Framework for Securing Grids
Computer Supported Cooperative Work in Design IV
Confidentiality-preserving distributed proofs of conjunctive queries
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Trust Management and Trust Negotiation in an Extension of SQL
Trustworthy Global Computing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Trust negotiation: authorization for virtual organizations
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Toward Trustworthy Web Services - Approaches, Weaknesses and Trust-By-Contract Framework
WI-IAT '09 Proceedings of the 2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
An XACML-based privacy-centered access control system
Proceedings of the first ACM workshop on Information security governance
An extended XACML model to ensure secure information access for web services
Journal of Systems and Software
Memory Complexity of Automated Trust Negotiation Strategies
PRIMA '09 Proceedings of the 12th International Conference on Principles of Practice in Multi-Agent Systems
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Effective trust management through a hybrid logical and relational approach
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
An introduction to trust negotiation
iTrust'03 Proceedings of the 1st international conference on Trust management
Preventing unofficial information propagation
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Mediator-free secure policy interoperation of exclusively-trusted multiple domains
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
On the consistency of distributed proofs with hidden subtrees
ACM Transactions on Information and System Security (TISSEC)
Rule-based policy representations and reasoning
Semantic techniques for the web
Identity Federation for VoIP systems
Journal of Computer Security - Digital Identity Management (DIM 2007)
Supporting privacy preferences in credential-based interactions
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Attribute-Based Messaging: Access Control and Confidentiality
ACM Transactions on Information and System Security (TISSEC)
MyABDAC: compiling XACML policies for attribute-based database access control
Proceedings of the first ACM conference on Data and application security and privacy
Receipt-mode trust negotiation: efficient authorization through outsourced interactions
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Modeling and negotiating service quality
Service research challenges and solutions for the future internet
ACConv -- An Access Control Model for Conversational Web Services
ACM Transactions on the Web (TWEB)
Towards a mechanism for incentivating privacy
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
A distributed coalition service registry for ad-hoc dynamic coalitions: a service-oriented approach
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
A construction for general and efficient oblivious commitment based envelope protocols
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Semantic web policies – a discussion of requirements and research issues
ESWC'06 Proceedings of the 3rd European conference on The Semantic Web: research and applications
A requirements-driven trust framework for secure interoperation in open environments
iTrust'06 Proceedings of the 4th international conference on Trust Management
Traust: a trust negotiation based authorization service
iTrust'06 Proceedings of the 4th international conference on Trust Management
OACerts: oblivious attribute certificates
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
EDBT'04 Proceedings of the 2004 international conference on Current Trends in Database Technology
Interactive credential negotiation for stateful business processes
iTrust'05 Proceedings of the Third international conference on Trust Management
Trust negotiation for semantic web services
SWSWPC'04 Proceedings of the First international conference on Semantic Web Services and Web Process Composition
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
O2O: virtual private organizations to manage security policy interoperability
ICISS'06 Proceedings of the Second international conference on Information Systems Security
ICISS'05 Proceedings of the First international conference on Information Systems Security
SPEAR: design of a secured peer-to-peer architecture
ICISS'05 Proceedings of the First international conference on Information Systems Security
Anonymity preserving techniques in trust negotiations
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
Signaling theory and information asymmetry in online commerce
Information and Management
A unified attribute-based access control model covering DAC, MAC and RBAC
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Rule-based policy representation and reasoning for the semantic web
RW'07 Proceedings of the Third international summer school conference on Reasoning Web
A role-based administration model for attributes
Proceedings of the First International Workshop on Secure and Resilient Architectures and Systems
Attacks on Confidentiality of Communications Between Stranger Organizations
International Journal of Knowledge-Based Organizations
An ontology-based approach to automated trust negotiation
Computer Standards & Interfaces
| Hi-index | 0.00 |
Business and military partners, companies and their customers, and other closely cooperating parties may have a compelling need to conduct sensitive interactions on line, such as accessing each other's local services and other local resources. Automated trust negotiation is an approach to establishing trust between parties so that such interactions can take place, through the use of access control policies that specify what combinations of digital credentials a stranger must disclose to gain access to a local resource. A party can use many different strategies to negotiate trust, offering tradeoffs between the length of the negotiation, the amount of extraneous information disclosed, and the computational effort expended. To preserve parties' autonomy, each party should ideally be able to choose its negotiation strategy independently, while still being guaranteed that negotiations will succeed whenever possible---that the two parties' strategies will interoperate. In this paper we provide the formal underpinnings for that goal, by formalizing the concepts of negotiation protocols, strategies, and interoperation. We show how to model the information flow of a negotiation for use in analyzing strategy interoperation. We also present two large sets of strategies whose members all interoperate with one another, and show that these sets contain many practical strategies. We develop the theory for black-box propositional credentials as well as credentials with internal structure, and for access control policies whose contents are (respectively are not) sensitive. We also discuss how these results fit into TrustBuilder, our prototype system for trust negotiation.