Traust: a trust negotiation-based authorization service for open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Redirection policies for mission-based information sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
A survey of autonomic communications
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Security-by-contract for web services
Proceedings of the 2007 ACM workshop on Secure web services
Computer Networks: The International Journal of Computer and Telecommunications Networking
Program partitioning using dynamic trust models
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Automated trust negotiation in autonomic environments
IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
Towards modeling trust based decisions: a game theoretic approach
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
Distributed software subjects face the problem of determining one another''s trustworthiness. The problem considered is managing the exchange of sensitive credentials between strangers for the purpose of property-based authentication and authorization. An architecture for trust negotiation between client and server is presented. The notion of a trust negotiation strategy is introduced and examined with respect to an abstract model of trust negotiation. Two strategies with very different properties are defined and rigorously analyzed. A language of credential expressions is presented, with two example negotiations illustrating the two negotiation strategies. Ongoing work on policies governing credential disclosure and trust negotiation is summarized. A prototype trust negotiation system has been constructed and is discussed.