Cryptography and network security (2nd ed.): principles and practice
Cryptography and network security (2nd ed.): principles and practice
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Protecting sensitive attributes in automated trust negotiation
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
An Internet-based negotiation server for e-commerce
The VLDB Journal — The International Journal on Very Large Data Bases
X -TNL: An XML-based Language for Trust Negotiations
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Requirements for Policy Languages for Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Adaptive trust negotiation and access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Establishing and protecting digital identity in federation systems
Proceedings of the 2005 workshop on Digital identity management
Achieving Privacy in Trust Negotiations with an Ontology-Based Approach
IEEE Transactions on Dependable and Secure Computing
Traust: a trust negotiation-based authorization service for open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Safety and consistency in policy-based authorization systems
Proceedings of the 13th ACM conference on Computer and communications security
Establishing and protecting digital identity in federation systems
Journal of Computer Security - The First ACM Workshop on Digital Identity Management -- DIM 2005
Managing Impacts of Security Protocol Changes in Service-Oriented Applications
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Trust Negotiation in Identity Management
IEEE Security and Privacy
Lightweight cnsistency enforcement schemes for distributed proofs with hidden subtrees
Proceedings of the 12th ACM symposium on Access control models and technologies
PP-trust-X: A system for privacy preserving trust negotiations
ACM Transactions on Information and System Security (TISSEC)
Harvesting credentials in trust negotiation as an honest-but-curious adversary
Proceedings of the 2007 ACM workshop on Privacy in electronic society
The Traust Authorization Service
ACM Transactions on Information and System Security (TISSEC)
Dynamic trust negotiation for flexible e-health collaborations
Proceedings of the 15th ACM Mardi Gras conference: From lightweight mash-ups to lambda grids: Understanding the spectrum of distributed computing requirements, applications, tools, infrastructures, interoperability, and the incremental adoption of key capabilities
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Composition and evaluation of trustworthy web services
International Journal of Web and Grid Services
A complete and efficient strategy based on petri net in automated trust negotiation
Proceedings of the 2nd international conference on Scalable information systems
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Detecting and resolving policy misconfigurations in access-control systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Socialtrust: tamper-resilient trust establishment in online communities
Proceedings of the 8th ACM/IEEE-CS joint conference on Digital libraries
Interactive access control for autonomic systems: From theory to implementation
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Minimal credential disclosure in trust negotiations
Proceedings of the 4th ACM workshop on Digital identity management
Identity-based long running negotiations
Proceedings of the 4th ACM workshop on Digital identity management
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Rater Credibility Assessment in Web Services Interactions
World Wide Web
A Novel Automated Trust Negotiation Framework for Securing Grids
Computer Supported Cooperative Work in Design IV
Optimal Privacy-Aware Path in Hippocratic Databases
DASFAA '09 Proceedings of the 14th International Conference on Database Systems for Advanced Applications
Confidentiality-preserving distributed proofs of conjunctive queries
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Towards a dynamic and composable model of trust
Proceedings of the 14th ACM symposium on Access control models and technologies
Trust negotiation: authorization for virtual organizations
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
RATEWeb: Reputation Assessment for Trust Establishment among Web services
The VLDB Journal — The International Journal on Very Large Data Bases
Toward Trustworthy Web Services - Approaches, Weaknesses and Trust-By-Contract Framework
WI-IAT '09 Proceedings of the 2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
The SocialTrust framework for trusted social information management: Architecture and algorithms
Information Sciences: an International Journal
A negotiation-based trust establishment service for CROWN grid
International Journal of Autonomous and Adaptive Communications Systems
Access control for XML documents and data
Information Security Tech. Report
Network authentication protocol based on mcropayment protocol
CCDC'09 Proceedings of the 21st annual international conference on Chinese control and decision conference
Core TuLiP logic programming for trust management
ICLP'07 Proceedings of the 23rd international conference on Logic programming
Evaluating rater credibility for reputation assessment of web services
WISE'07 Proceedings of the 8th international conference on Web information systems engineering
Preventing unofficial information propagation
ICICS'07 Proceedings of the 9th international conference on Information and communications security
On the consistency of distributed proofs with hidden subtrees
ACM Transactions on Information and System Security (TISSEC)
Receipt-mode trust negotiation: efficient authorization through outsourced interactions
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Modeling and negotiating service quality
Service research challenges and solutions for the future internet
Frontiers of Computer Science in China
Digital identity security architecture in Ethos
Proceedings of the 7th ACM workshop on Digital identity management
A requirements-driven trust framework for secure interoperation in open environments
iTrust'06 Proceedings of the 4th international conference on Trust Management
Virtual fingerprinting as a foundation for reputation in open systems
iTrust'06 Proceedings of the 4th international conference on Trust Management
Towards automated evaluation of trust constraints
iTrust'06 Proceedings of the 4th international conference on Trust Management
Synergy: a policy-driven, trust-aware information dissemination framework
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Access control requirements for preventing insider threats
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Privacy-Preserving trust negotiations
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
EDBT'04 Proceedings of the 2004 international conference on Current Trends in Database Technology
Anonymity preserving techniques in trust negotiations
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Building trust communities using social trust
UMAP'11 Proceedings of the 19th international conference on Advances in User Modeling
Identifying and utilizing secure paths in ad hoc assistive medical environments
Security and Communication Networks
Automated trust negotiation in autonomic environments
IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
Fairness and access control for mobile P2P auctions over MANETs
Journal of Theoretical and Applied Electronic Commerce Research
A Game Theoretic Approach to Optimize Identity Exposure in Pervasive Computing Environments
International Journal of Information Security and Privacy
PBA4WSSP: a policy-based architecture for web services security processing
Service Oriented Computing and Applications
Policy-driven role-based access management for ad-hoc collaboration
Journal of Computer Security
Hi-index | 0.00 |
In this paper, we present {\rm{Trust}}{\hbox{-}}{\cal{X}}, a comprehensive XML-based [12] framework for trust negotiations, specifically conceived for a peer-to-peer environment. Trust negotiation is a promising approach for establishing trust in open systems like the Internet, where sensitive interactions may often occur between entities at first contact, with no prior knowledge of each other. The framework we propose takes into account all aspects related to negotiations, from the specification of the profiles and policies of the involved parties to the selection of the best strategy to succeed in the negotiation. {\rm{Trust}}{\hbox{-}}{\cal{X}} presents a number of innovative features, such as the support for protection of sensitive policies, the use of trust tickets to speed up the negotiation, and the support of different strategies to carry on a negotiation. In this paper, besides presenting the language to encode security information, we present the system architecture and algorithms according to which negotiations can take place.