T. Yu, M. Winslett, and K. E. Seamons. Interoperable strategies in automated trust negotiation. In ACM Conference on Computer and Communication Security, Nov. 2001. 4  Home/Search   Document Details and Download   Summary   Related Articles   Check

....scenario. One main line of work in the security community has been devoted to the enhancement of access control approaches with new authentication and authorization capabilities to address the fact that access requests may represent interactions between parties that know little about each other [5, 6, 11, 12, 14, 23]. All these works focused on allowing a peer acting as a server to restrict others ability to access its resources. Peer topeer systems, however, also introduce other problems that reverse the security assumptions of traditional access control and require to focus the attention on providing ....

T. Yu, M. Winslett, and K. Seamons. Interoperable strategies in automated trust negotiation. In Proc. of 8th ACM Computer and Communication Security, Philadephia, PA, November 2001.

....and base their work on a single PKI model. Even some of these works abstract from any particular PKI model. In [32] the authors propose to use credentials in a Web based client server architecture. They present the tasks needed for credential management both on the client side and server side. [33] investigates trust negotiation strategies and discusses credential disclosure policies. These works do not make any assumptions on the underlying PKI model. 31] uses X.509 based identity attribute certificates and use condition certificates (policy assertions) for access control. 17] presents a ....

T. Yu, M. Winslett, and K. Seamons. Interoperable strategies in automated trust negotiation. In Proceedings of 8th ACM Computer Conference on Computer and Communication Security, pages 146--155, Philedelphia, Pennsylvania, Nov. 2001.

....in a natural and logical way. ABAC systems depend on credentials that specify attributes of entities and or rules for deriving entities attributes. These attributes (such as financial or medical data) may be sensitive. The goal of a growing body of work on automated trust negotiation (ATN) [7, 8, 9, 10, 11, 12] is to enable resource requesters and access mediators to establish trust in one another through cautious, iterative, bilateral disclosure of credentials. In ATN, each negotiator establishes access control policies used to regulate not only the granting of system resources, but also the disclosure ....

....content for them. Yu et al. 11] introduced an e#cient strategy that explicitly requires negotiators to reveal to strangers which credentials they hold. Seamons et al. 7] introduced structures called policy graphs for protecting policy content, and strategies enforcing policy graphs. Yu et al. [12, 13] developed families of strategies that can interoperate in the sense that negotiators can use different strategies within the same family. This previous work does not address the problem of protecting information about whether you hold a credential or satisfy an attribute. The Platform for ....

Ting Yu, Marianne Winslett, and Kent E. Seamons. Interoperable strategies in automated trust negotiation. In Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8), pages 146--155. ACM Press, November 2001.

No context found.

T. Yu, M. Winslett, and K. E. Seamons. Interoperable strategies in automated trust negotiation. In ACM Conference on Computer and Communication Security, Nov. 2001. 4

No context found.

T. Yu, M. Winslett, and K. E. Seamons, "Interoperable Strategies in Automated Trust Negotiation," 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001.

No context found.

Yu, T., Winslett, M., Seamons, K. E.: Interoperable Strategies in Automated Trust Negotiation, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania (2001).

No context found.

T. Yu, M. Winslett, and K. Seamons. Interoperable Strategies in Automated Trust Negotiation. In ACM Conference on Computer and Communication Security, Philadelphia, PA, Nov. 2001.

No context found.

T. Yu, M. Winslett, and K. Seamons. Interoperable Strategies in Automated Trust Negotiation. In http://drl.cs.uiuc.edu/pubs/ccs2001-long.ps.

No context found.

T. Yu, M. Winslett, and K. Seamons. Interoperable Strategies in Automated Trust Negotiation. In ACM Conference on Computer and Communication Security, Philadelphia, PA, Nov. 2001.

No context found.

T. Yu, M. Winslett, and K. Seamons. Interoperable Strategies in Automated Trust Negotiation. In ACM Conference on Computer and Communication Security, Philadelphia, PA, Nov. 2001.

No context found.

T. Yu, M. Winslett, and K. E. Seamons, "Interoperable Strategies in Automated Trust Negotiation," Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001.

No context found.

T. Yu, M. Winslett, and K. E. Seamons. Interoperable Strategies in Automated Trust Negotiation. 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001.

....who then discloses her student ID and credit card so that she can purchase her textbooks with a student discount. This example is an illustration of trust negotiation, a new approach to building trust on line through the bilateral exchange of digital credentials issued by trusted third parties [15][13] 6] Credentials must be verifiable and unforgeable, so we adopt public key certificates, such as X509v3 certificates, to obtain the necessary guarantees. A credential may contain sensitive information whose disclosure must be carefully managed in accordance with an access control policy ....

T. Yu, M. Winslett, and K. E. Seamons, "Interoperable Strategies in Automated Trust Negotiation," 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001.

....of the credential. Digital credentials can be implemented using, for example, X. 509 certificates [12] In our approach to automated trust establishment, trust is established incrementally by exchanging credentials and requests for credentials, an iterative process known as trust negotiation [13][3] A trust negotiation strategy controls the exact content of the messages exchanged during trust negotiation, i.e. which credentials to disclose, when to disclose them, and when to terminate a negotiation. A naive strategy for establishing trust is for a client to disclose all its credentials ....

....and determine if any credential privacy protections are violated before responding to the request. Another approach is to dynamically modify policies to prevent leakage of sensitive information. 3. 1 No response Trust negotiation strategies traditionally ensure that all disclosures are safe [13]. The disclosure of a credential or policy is safe if the credentials disclosed so far by the other party satisfy the access control policy governing access to the credential or policy. When a possession sensitive credential is requested during trust negotiation, responding to that request with a ....

[Article contains additional citation context not shown here]

Yu, T., Winslett, M., Seamons, K. E.: Interoperable Strategies in Automated Trust Negotiation, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania (2001).

No context found.

T. Yu, M. Winslett, and Kent Seamons. Interoperable strategies in automated trust negotiation. In Proceedings of 8th ACM Computer and Communication Security, Philadephia, November 2001.

No context found.

84 T. Yu, M. Winslett, K.E. Seamons. Interoperable Strategies in Automated trust Negotiation. Proceedings of 8th ACM Computer and Communication Security, 2001.

No context found.

T. Yu and M. Winslett K.E. Seamons. Interoperable Strategies in Automated Trust Negotiation. In Proc. of the Eighth ACM Conference on Computer and Communications Security, Philadelphia, PA (USA), 2001. This article was processed using the L A T E X macro package with LLNCS style

No context found.

T. Yu, M. Winslett and K.E. Seamons, "Interoperable strategies in automated trust negotiation," in Proc. of the 8th ACM Conference on Computer and Communications Security, Philadelphia, PA, USA, November 2001.

No context found.

T. Yu, M. Winslett and K. Seamons. Interoperable Strategies in Automated Trust Negotiation. ACM Conference on Computer and Communication Security, 2001

No context found.

T. Yu, M. Winslett and K. Seamons. Interoperable Strategies in Automated Trust Negotiation. ACM Conference on Computer and Communication Security, 2001

No context found.

Yu, T., Winslett, M., et al. (2001). Interoperable strategies in automated trust negotiation. 8th ACM Conference on Computer and Communications Security, Philadelphia, USA.

No context found.

T. Yu, M. Winslett, and K. Seamons. Interoperable strategies in automated trust negotiation. In ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001.

No context found.

Yu, T., Winslett, M., and Seamons K.E. Interoperable Strategies in Automated Trust Negotiation. Proceedings of the 8 th ACM Conference on Computer and Communications Security, November 2001.

No context found.

T. Yu, M. Winslett, and K. Seamons. Interoperable strategies in automated trust negotiation. In ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, November 2001. 37

No context found.

T. Yu, M. Winslett, and K. E. Seamons, "Interoperable strategies in automated trust negotiation, " in Proceedings of the 8th ACM Conference on Computer and Communications Security (Philadelphia, PA, USA) (P. Samarati, ed.), (New York, NY), pp. 146--155, ACM Press, Nov. 2001.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC