PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet
Proceedings of the 7th ACM conference on Computer and communications security
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
ACM Transactions on Information and System Security (TISSEC)
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Protecting privacy during on-line trust negotiation
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Policy migration for sensitive credentials in trust negotiation
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Collaborative Automated Trust Negotiation in Peer-to-Peer Systems
P2P '04 Proceedings of the Fourth International Conference on Peer-to-Peer Computing
Preventing attribute information leakage in automated trust negotiation
Proceedings of the 12th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
Achieving Privacy in Trust Negotiations with an Ontology-Based Approach
IEEE Transactions on Dependable and Secure Computing
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Trust Negotiations with Customizable Anonymity
WI-IATW '06 Proceedings of the 2006 IEEE/WIC/ACM international conference on Web Intelligence and Intelligent Agent Technology
Trust Negotiation in Identity Management
IEEE Security and Privacy
PP-trust-X: A system for privacy preserving trust negotiations
ACM Transactions on Information and System Security (TISSEC)
Private and Secure Service Discovery via Progressive and Probabilistic Exposure
IEEE Transactions on Parallel and Distributed Systems
Achieving simultaneous distribution control and privacy protection for Internet media delivery
ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)
A complete and efficient strategy based on petri net in automated trust negotiation
Proceedings of the 2nd international conference on Scalable information systems
Secure and Efficient Trust Negotiation
Computational Intelligence and Security
Minimal credential disclosure in trust negotiations
Proceedings of the 4th ACM workshop on Digital identity management
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
An introduction to trust negotiation
iTrust'03 Proceedings of the 1st international conference on Trust management
Preventing unofficial information propagation
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Trust establishment in the formation of Virtual Organizations
Computer Standards & Interfaces
Towards a mechanism for incentivating privacy
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Privacy-Preserving trust negotiations
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
EDBT'04 Proceedings of the 2004 international conference on Current Trends in Database Technology
Privacy preserving of trust management credentials based on trusted computing
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
A new approach to hide policy for automated trust negotiation
IWSEC'06 Proceedings of the 1st international conference on Security
An XML-based protocol for improving trust negotiation between Web Services
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Automated trust negotiation in autonomic environments
IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
An ontology-based approach to automated trust negotiation
Computer Standards & Interfaces
| Hi-index | 0.00 |
Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated Trust Negotiation (ATN) is an approach to regulate the flow of sensitive attributes during such an exchange. Recently, it has been noted that early ATN designs do not adequately protect the privacy of negotiating parties. While unauthorized access to credentials can be denied, sensitive information about the attributes they carry may easily be inferred based on the behavior of negotiators faithfully adhering to proposed negotiation procedure. Some proposals for correcting this problem do so by sacrificing the ability to effectively use sensitive credentials. We study an alternative design that avoids this pitfall by allowing negotiators to define policy protecting the attribute itself, rather than the credentials that prove it. We show how such a policy can be enforced. We address technical issues with doing this in the context of trust management-style credentials, which carry delegations and enable one attribute to be inferred from others, and in the context where credentials are stored in a distributed way, and must be discovered and collected before being used in ATN.