Harvesting credentials in trust negotiation as an honest-but-curious adversary

WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society

Volumn , Issue , 2007, Pages 64-67

  Olson, Lars E ^a   Rosulek, Michael J ^a   Winslett, Marianne ^a  

^a University of Illinois at Urbana Champaign ^*  (United States)

Author keywords

privacy; protocol; trust negotiation; vulnerability

Indexed keywords

PROTOCOL; TRUST NEGOTIATIONS; VULNERABILITY;

COMPUTER PRIVACY;

EID: 77952018992     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1314333.1314345     Document Type: Conference Paper

References (12)

1. M. Becker and P. Sewell, "Cassandra: Distributed Access Control Policies with Tunable Expressiveness," Workshop on Policies for Distributed Systems and Networks, Yorktown Heights, NY, Jun. 2004.
2. E. Bertino, E. Ferrari, and A. Squicciarini, "Trust-X: A Peer-to-Peer Framework for Trust Establishment," Transactions on Knowledge and Data Engineering 16(7): 827-842, 2004.
3. P. Bonatti and P. Samarati, "Regulating Service Access and Information Release on the Web," Conference on Computer and Communications Security, Athens, Greece, Nov. 2000.
4. J. Camenisch and E. Van Herreweghen, "Design and Implementation of the idemix Anonymous Credential System," Conference on Computer and Communications Security, Washington, DC, Nov. 2002.
5. J. Holt, R. Bradshaw, K. E. Seamons, and H. Orman, "Hidden Credentials,"Workshop on Privacy in the Electronic Society, Washington, DC, Oct. 2003.
6. J. Li and N. Li, "OACerts: Oblivious Attribute Certificates," Conference on Applied Cryptography and Network Security, New York, NY, Jun. 2005.
7. J. Li, N. Li, and W. H. Winsborough, "Automated Trust Negotiation Using Cryptographic Credentials," to appear in Transactions on Information and System Security, 2007.
8. N. Li, W. Du, and D. Boneh, "Oblivious Signature-Based Envelope," Symposium on Principles of Distributed Computing, Boston, MA, Jul. 2003.
9. L. E. Olson, M. J. Rosulek, and M.Winslett, "A Generalized Honest-But-Curious Strategy for Automatically Harvesting Credentials," Technical Report UIUCDCS-R-2007-2892, Department of Computer Science, University of Illinois, Aug. 2007.
10. T. Ryutov, L. Zhou, C. Neuman, T. Leithead, and K. E. Seamons, "Adaptive Trust Negotiation and Access Control," Symposium on Access Control Models and Technologies, Stockholm, Sweden, Jun. 2005.
11. W. H. Winsborough and N. Li, "Towards Practical Automated Trust Negotiation,"Workshop on Policies for Distributed Systems and Networks, Monterrey, CA, Jun. 2002.
12. T. Yu, M. Winslett, and K. E. Seamons, "Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies in Automated Trust Negotiation," Transactions on Information and System Security 6(1): 1-42, Feb. 2003.