Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
Protecting sensitive attributes in automated trust negotiation
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Authorization and Attribute Certificates for Widely Distributed Access Control
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Distributed credential chain discovery in trust management
Journal of Computer Security
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Secret Handshakes from Pairing-Based Key Agreements
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Oblivious signature-based envelope
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Policy migration for sensitive credentials in trust negotiation
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Concealing complex policies with hidden credentials
Proceedings of the 11th ACM conference on Computer and communications security
Protecting privacy during on-line trust negotiation
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Safety and consistency in policy-based authorization systems
Proceedings of the 13th ACM conference on Computer and communications security
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Structural signatures for tree data structures
Proceedings of the VLDB Endowment
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Supporting privacy preferences in credential-based interactions
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Introducing a cross federation identity solution for converged network environments
Principles, Systems and Applications of IP Telecommunications
Fine-grained disclosure of access policies
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Modeling and negotiating service quality
Service research challenges and solutions for the future internet
Frontiers of Computer Science in China
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
Hi-index | 0.00 |
Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. Ideally, sensitive information should not be known by others unless its access control policy has been satisfied. However, due to bilateral information exchange, information may flow to others in a variety of forms, many of which cannot be protected by access control policies alone. In particular, sensitive information may be inferred by observing negotiation participants' behavior even when access control policies are strictly enforced.In this paper, we propose a general framework for the safety of trust negotiation systems. Compared to the existing safety model, our framework focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed framework, we develop policy databases as a mechanism to help prevent unauthorized information inferences during trust negotiation. We show that policy databases achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting users' autonomy in defining their own policies.