Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Role-Based Access Control With X.509 Attribute Certificates
IEEE Internet Computing
Modular Fair Exchange Protocols for Electronic Commerce
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
X -TNL: An XML-based Language for Trust Negotiations
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Policy Based Electronic Transmission of Prescriptions
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Requirements for Policy Languages for Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
Trust Negotiations: Concepts, Systems, and Languages
Computing in Science and Engineering
Using XACML for privacy control in SAML-based identity federations
CMS'05 Proceedings of the 9th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
A comparison of two privacy policy languages: EPAL and XACML
Proceedings of the 3rd ACM workshop on Secure web services
Privacy policy enforcement for ambient ubiquitous services
AmI'10 Proceedings of the First international joint conference on Ambient intelligence
Modeling and negotiating service quality
Service research challenges and solutions for the future internet
Access control for semantic data federations in industrial product-lifecycle management
Computers in Industry
Secure federation of semantic information services
Decision Support Systems
| Hi-index | 0.00 |
Nowadays many organizations share sensitive services through open network systems and this raises the need for an authorization framework that can interoperate even when the parties have no pre-existing relationships. Trust Negotiation is the process used to establish these first relationships, through the transfer of attributes, embedded in digital credentials, between the two parties. However, these attributes may themselves be considered sensitive and so may need protection from disclosure. In some environments, the policies that govern the protected services may also be considered sensitive and their release to arbitrary strangers may leak confidential business information. This paper describes a way to unify the protection of services, sensitive credentials and policies in a synchronized trustworthy manner. We propose a trust authorization framework (TAF) that builds on the capabilities of XACML to support the bilateral exchange of policies and credentials through trust negotiation.