A uniform framework for regulating service access and information release on the web
Journal of Computer Security
IEEE Internet Computing
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
The Specification and Enforcement of Advanced Security Policies
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Model-Driven Trust Negotiation for Web Services
IEEE Internet Computing
Integrated access control and intrusion detection for Web servers
IEEE Transactions on Parallel and Distributed Systems
A note on the anatomy of federation
BT Technology Journal
Traust: a trust negotiation-based authorization service for open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Managing Impacts of Security Protocol Changes in Service-Oriented Applications
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Adaptive Trust Negotiation and Access Control for Grids
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
A Survey of Approaches to Adaptive Application Security
SEAMS '07 Proceedings of the 2007 International Workshop on Software Engineering for Adaptive and Self-Managing Systems
Collaborative Detection of DDoS Attacks over Multiple Network Domains
IEEE Transactions on Parallel and Distributed Systems
Harvesting credentials in trust negotiation as an honest-but-curious adversary
Proceedings of the 2007 ACM workshop on Privacy in electronic society
The Traust Authorization Service
ACM Transactions on Information and System Security (TISSEC)
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Federation proxy for cross domain identity federation
Proceedings of the 5th ACM workshop on Digital identity management
A Genetic Algorithms-Based Approach for Optimized Self-protection in a Pervasive Service Middleware
ICSOC-ServiceWave '09 Proceedings of the 7th International Joint Conference on Service-Oriented Computing
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Context sensitive adaptive authentication
EuroSSC'07 Proceedings of the 2nd European conference on Smart sensing and context
Obligations for privacy and confidentiality in distributed transactions
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Initial trust formation in Virtual Organisations
International Journal of Internet Technology and Secured Transactions
Supporting privacy preferences in credential-based interactions
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Receipt-mode trust negotiation: efficient authorization through outsourced interactions
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Modeling and negotiating service quality
Service research challenges and solutions for the future internet
A framework for flexible access control in digital library systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
A requirements-driven trust framework for secure interoperation in open environments
iTrust'06 Proceedings of the 4th international conference on Trust Management
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
Hi-index | 0.00 |
Electronic transactions regularly occur between business partners in separate security domains. Trust negotiation is an approach that provides an open authentication and access-control environment for such transactions, but it is vulnerable to malicious attacks leading to denial of service or leakage of sensitive information. This paper introduces an Adaptive Trust Negotiation and Access Control (ATNAC) framework to solve these problems. The framework combines two existing systems, TrustBuilder and GAA-API, to create a system with more flexibility and responsiveness to attack than either system currently provides.