PP-trust-X: A system for privacy preserving trust negotiations

Authors:
A. Squicciarini;E. Bertino;Elena Ferrari;F. Paci;B. Thuraisingham
Affiliations:
Purdue University, West Lafayette, IN;Purdue University, West Lafayette, IN;Universita' degli Studi dell'Insubria, Varese;Universita' degli Studi di Milano, Milano;The University of Texas at Dallas, Dallas, Texas
Venue:
ACM Transactions on Information and System Security (TISSEC)
Year:
2007

Citing 16
Cited 11

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
User privacy issues regarding certificates and the TLS protocol: the design and implementation of the SPSL protocol

Proceedings of the 7th ACM conference on Computer and communications security
Regulating service access and information release on the Web

Proceedings of the 7th ACM conference on Computer and communications security
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy

Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Design and implementation of the idemix anonymous credential system

Proceedings of the 9th ACM conference on Computer and communications security
Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation

ACM Transactions on Information and System Security (TISSEC)
Negotiating Trust on the Web

IEEE Internet Computing
Protecting sensitive attributes in automated trust negotiation

Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Bit Commitment Using Pseudo-Randomness

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
X -TNL: An XML-based Language for Trust Negotiations

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A Unified Scheme for Resource Protection in Automated Trust Negotiation

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Trust-X: A Peer-to-Peer Framework for Trust Establishment

IEEE Transactions on Knowledge and Data Engineering
Concealing complex policies with hidden credentials

Proceedings of the 11th ACM conference on Computer and communications security
Traust: a trust negotiation-based authorization service for open systems

Proceedings of the eleventh ACM symposium on Access control models and technologies

Information Assurance: Dependability and Security in Networked Systems

Information Assurance: Dependability and Security in Networked Systems
A three-layered model to implement data privacy policies

Computer Standards & Interfaces
Redactable signatures on data with dependencies and their application to personal health records

Proceedings of the 8th ACM workshop on Privacy in the electronic society
A dynamic privacy model for web services

Computer Standards & Interfaces
Trust establishment in the formation of Virtual Organizations

Computer Standards & Interfaces
Achieving optimal privacy in trust-aware social recommender systems

SocInfo'10 Proceedings of the Second international conference on Social informatics
Modeling and negotiating service quality

Service research challenges and solutions for the future internet
Towards a mechanism for incentivating privacy

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
An XML-based protocol for improving trust negotiation between Web Services

Proceedings of the 27th Annual ACM Symposium on Applied Computing
A trust-based noise injection strategy for privacy protection in cloud

Software—Practice & Experience
A Game Theoretic Approach to Optimize Identity Exposure in Pervasive Computing Environments

International Journal of Information Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Trust negotiation is a promising approach for establishing trust in open systems, in which sensitive interactions may often occur between entities with no prior knowledge of each other. Although, to date several trust negotiation systems have been proposed, none of them fully address the problem of privacy preservation. Today, privacy is one of the major concerns of users when exchanging information through the Web and thus we believe that trust negotiation systems must effectively address privacy issues in order to be widely applicable. For these reasons, in this paper, we investigate privacy in the context of trust negotiations. We propose a set of privacy-preserving features for inclusion in any trust negotiation system, such as the support for the P3P standard, as well as a number of innovative features, such as a novel format for encoding digital credentials specifically designed for preserving privacy. Further, we present a variety of interoperable strategies to carry on the negotiation with the aim of improving both privacy and efficiency.