Safety in automated trust negotiation

ACM Transactions on Information and System Security

Volumn 9, Issue 3, 2006, Pages 352-390

  Winsborough, William H ^a,c   Li, Ninghui ^b,d  

^a UNIVERSITY OF TEXAS AT SAN ANTONIO   (United States)

^b PURDUE UNIVERSITY   (United States)

^c University of Texas at San Antonio   (United States)

^d Purdue University   (United States)

Author keywords

Access control; Attribute based access control; Automated trust negotiation; Credentials; Safety; Strategy

Indexed keywords

ACCESS CONTROL; ATTRIBUTE BASED ACCESS CONTROL; AUTOMATED TRUST NEGOTIATION (ATN); CREDENTIALS;

INFORMATION ANALYSIS; PUBLIC POLICY; RESOURCE ALLOCATION; SECURITY SYSTEMS; STRATEGIC PLANNING;

ELECTRONIC COMMERCE;

EID: 33750915444     PISSN: 10949224     EISSN: 10949224     Source Type: Journal    
DOI: 10.1145/1178618.1178623     Document Type: Article

References (28)

1. BLAZE, M., FEIGENBAUM, J., AND LACY, J. 1996. Decentralized trust management. In Proceedings of the 1996 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Piscataway, New Jersey. 164-173.
2. BONATTI, P. AND SAMARATI, P. 2000. Regulating service access and information release on the web. In Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-7). ACM Press, New York. 134-143.
3. BONATTI, P., KRAUS, S., AND SUBRAHMANIAN, V. S. 1995. Foundations of secure deductive databases. Knowledge and Data Engineering 7, 3, 406-422.
4. DOMINGO-FERREE, J., Ed. 2002. Inference Control in Statistical Databases, From Theory to Practice. Lecture Notes in Computer Science, vol. 2316. Springer-Verlag, New York.
5. GOGUEN, J. AND MESEGUER, J. 1982. Security policies and security models. In Proceedings of the 1982 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Piscataway, New Jersey. 11-20.
6. GOLDREICH, O. 2001. The foundations of cryptography - Vol. 1: Basic tools. Cambridge University Press, Cambridge.
7. HERZBERG, A., MASS, Y., MIHAELI, J., NAOR, D., AND RAVID, Y. 2000. Access control meets public key infrastructure, or: Assigning roles to strangers. In Proceedings of the 2000 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Piscataway, New Jersey. 2-14.
8. HESS, A., JACOBSON, J., MILLS, H., WAMSLEY, R., SEAMONS, K. E., AND SMITH, B. 2002. Advanced client/server authentication in TLS. In Network and Distributed System Security Symposium, 203-214.
9. HOLT, J. E., BRADSHAW, R. W., SEAMONS, K. E., AND ORMAN, H. 2003. Hidden credentials. In Proceedings of the 2nd ACM Workshop on Privacy in the Electronic Society.
10. Li, J., Li, N., AND WINSBOROUGH, W. H. 2005. Automated trust negotiation using cryptographic credentials. In CCS '05: Proceedings of the 12th ACM conference on Computer and communications security. ACM Press, New York. 46-57.
11. Li, N., MITCHELL, J. C., AND WINSBOROUGH, W. H. 2002. Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Piscataway, New Jersey. 114-130.
12. Li, N., Du, W., AND BONEH, D. 2003a. Oblivious signature-based envelope. In Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing (PODC 2003). ACM Press, New York.
13. Li, N., GROSOF, B. N., AND FEIGENBAUM, J. 2003b. Delegation Logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security (TISSEC) 6, 1 (Feb.), 128-171.
14. Li, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. 2003c. Distributed credential chain discovery in trust management. Journal of Computer Security 11, 1 (Feb.), 35-86.
15. RIVEST, R. L., SHAMIR, A., AND ADLEMAN, L. M. 1978. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 120-126.
16. SEAMONS, K. E., WINSLETT, M., AND Yu, T. 2001. Limiting the disclosure of access control policies during automated trust negotiation. In Proceedings of the Symposium on Network and Distributed System Security (NDSS'01).
17. SEAMONS, K. E., WINSLETT, M., YU, T., YU, L., AND JARVIS, R. 2002. Protecting privacy during on-line trust negotiation. In 2nd Workshop on Privacy Enhancing Technologies. Springer-Verlag, New York.
18. STADDON, J. 2003. Dynamic inference control. In Proceedings of the 8th ACM SIOMOD Workshop on Research issues in data mining and knowledge discovery. ACM Press, New York. 94-100.
19. SUTHERLAND, D. 1986. A model of information. In Proceedings of the 9th National Computer Security Conference. 175-183.
20. WANG, L., WIJESEKERA, D., AND JAJODIA, S. 2003. Cardinality-based inference control in data cubes. Journal of Computer Security 12, 5 (Sept. 2004), 655-692.
21. WINSBOROUGH, W. H. AND Li, N. 2002a. Protecting sensitive attributes in automated trust negotiation. In Proceedings of the ACM Workshop on Privacy in the Electronic Society, ACM Press, New York, 41-51.
22. WINSBOHOUGH, W. H. AND LI, N. 2002b. Towards practical automated trust negotiation. In Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks (Policy 2002). IEEE Computer Society Press, Piscataway, New Jersey. 92-103.
23. WINSBOHOUGH, W. H., SEAMONS, K. E., AND JONES, V. E. 2000. Automated trust negotiation. In DARPA Information Survivability Conference and Exposition. Vol. I. IEEE Press, Piscataway, New Jersey. 88-102.
24. WINSLETT, M., YU, T., SEAMONS, K. E., HESS, A., JACOBSON, J., JARVIS, R., SMITH, B., AND YU, L. 2002. Negotiating trust on the web. IEEE Internet Computing 6, 6 (Nov./Dec.), 30-37.
25. Yu, T. AND WINSLETT, M. 2003a. Policy migration for sensitive credentials in trust negotiation. In Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Press, New York. 9-20.
26. Yu, T. AND WINSLETT, M. 2003b. Unified scheme for resource protection in automated trust negotiation. In Proceedings of IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Piscataway, New Jersey. 110-122.
27. Yu, T., MA, X., AND WINSLETT, M. 2000. Prunes: An efficient and complete strategy for trust negotiation over the internet. In Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-7). ACM Press, 210-219.
28. Yu, T., WINSLETT, M., AND SEAMONS, K. E. 2003. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security (TISSEC) 6, 1 (Feb.), 1-42.