Remembrance of local information status for enforcing robustness of policy-exchanged strategies for trust negotiation

Proceedings - 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2014

Volumn , Issue , 2015, Pages 106-113

  Zhang, Yunxi ^a   Mundy, Darren ^a  

^a UNIVERSITY OF HULL   (United Kingdom)

Author keywords

Policy cyclic dependencies; Policy exchanged strategies; Remembrance of local information status; Repetitive credential request attacks; Trust negotiation; Vulnerability

Indexed keywords

COMPUTER PROGRAMMING; COMPUTER SCIENCE;

CYCLIC DEPENDENCIES; LOCAL INFORMATION; REPETITIVE CREDENTIAL REQUEST ATTACKS; TRUST NEGOTIATIONS; VULNERABILITY;

ACCESS CONTROL;

EID: 84923006102     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/TrustCom.2014.18     Document Type: Conference Paper

References (25)

1. T. Barlow, A. Hess, and K. E. Seamons, Trust Negotiation in Electronic Markets. In: Proceedings of the Eighth Research Symposium on Emerging Electronic Markets. DOI= 10.1.1.9.595. 2001.
2. S. Baselice, P. A.Bonatti, and M. Faella, On interoperable trust negotiation strategies. In Eighth IEEE International Workshop on Policies for Distributed Systems and Networks. Bologna, Italy, pp. 39-50. DOI= 10.1109/POLICY.2007.29. 2007.
3. E. Bertino, E. Ferrari, and A. C. Squicciarini, Trust-X: A Peer-to-Peer Framework for Trust Establishment. IEEE Transactions on Knowledge and Data Engineering. 16(7), 827-842. DOI= 10.1109/TKDE.2004.1318565. 2004.
4. D. Ferraiolo, and R. Kuhn, Role-Based Access Controls. In 15th National Computer Security Conference. DOI= 10.1.1.48.3900. 1992.
5. S. Guo, and W. Jiang, An Adaptive Automated Trust Negotiation Model and Algorithm. In 2010 International Conference on Communications and Intelligence Information Security (ICCIIS). DOI= 10.1109/ICCIIS.2010. 2010.
6. A. Hess, J. Holt, J. Jacobson, and K. E. Seamons, Content-Triggered Trust Negotiation. ACM Transactions on Information and System Security (TISSEC), 7(3), 428-456. DOI=10.1145/1015040.1015044. 2004.
7. A. J. Lee, M. Winslett, and K. J. Perano, TrustBuilder2: A Recongurable Framework for Trust Negotiation. IFIP Advances in Information and Communication Technology, 300, 176-195. DOI=10.1007/978-3-642-02056-8-12. 2009.
8. N. Li, W. Du, and D. Boneh, Oblivious signature-based envelope. Distributed Computing, 17(4), 293-302. DOI=10.1007/s00446-004-0116-1. 2003.
9. X. Liu, S. Tang, Q. Huang, and Z. Zhu, An ontology-based approach to automated trust negotiation. Computer Standards &Interfaces. 36(1), 219-230. DOI= 10.1016/j.csi.2013.03.003. 2013.
10. H. Lu, and B. Liu, DFANS: A highly efficient strategy for automated trust negotiation. Computers &Security, 28(7), pp.557-565. DOI=10.1016/j.cose.2009.03.004. 2009.
11. B. Parducci, and H. Lockhart, eXtensible Access Control Markup Language (XACML) Version 3.0. [Online], Available: http: //docs.oasisopen. org/xacml/3.0/xacml-3.0-core-spec-os-en.html. 2010.
12. L. Olson, M. Winslett, G. Toni, N. Seeley, A. Uszok, and J. Bradshaw, Trust Negotiation as an Authorization Service for Web Services. In: 22nd International Conference on Data Engineering Workshops. DOI= 10.1109/ICDEW.2006.154. 2006.
13. J. Orkphol, and K. Li, Multi-negotiation targets in Automated Trust Negotiation over TrustBuilder2 framework. In: 8th International Conference on Computing Technology and Information Management (ICCM). 2012.
14. T. Ryutov, L. Zhou, C. Neuman, T. Leithead, and K. E. Seamons, Adaptive Trust Negotiation and Access Control. In: Proceedings of the tenth ACM symposium on Access control models and technologies. DOI=10.1145/1063979.1064004. 2005.
15. K. E. Seamons, M. Winslett, T. Yu, B. Smith, E. Child, J. Jacobson, H. Mills, and L. Yu, Requirements for Policy Languages for Trust Negotiation. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks. 2002.
16. H. Skogsrud, H. R. Motahari-Nezhad, B. Benatallah, and F. Casati, Modeling Trust Negotiation for Web Services. Computer. 42(2), 54-61. DOI=10.1109/MC.2009.56. 2009.
17. A. Squicciarini, E. Bertino, E. Ferrari, F. Paci, and B. Thuraisingham, PP-trust-X: A system for privacy preserving trust negotiations. ACM Transactions on Information and System Security (TISSEC), 10(3). DOI=10.1145/1266977.126698. 2007.
18. A. Squicciarini, E. Bertino, A. Trombetta, and S. Braghin, A Flexbile Approach to Multi-Session Trust Negotiations. IEEE Transactions on Dependable and Secure Computing. 9(1), 2-15. DOI=10.1109/TDSC.2011.31. 2012.
19. W. H. Winsborough, K. E. Seamons, and V. E. Jones, Negotiating Disclosure of Sensitive Crendentials. In: Second Conference on Security in Communication Networks. DOI=10.1.1.34.8359. 1999.
20. W. H. Winsborough, K. E. Seamons, and V. E. Jones, Automated Trust Negotiation. DAPRA Information Survivability Conference and Exposition. [Online] Available from: http: //isrl.cs.byu.edu/pubs/discex2000.pdf. 2000.
21. T. Yu, X. Ma, and M. Winslett, PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet. In: Proceedings of the 7th ACM conference on Computer and communications security. 210-219. DOI=10.1145/352600.352633. 2000.
22. T. Yu, M. Winslett, and S. E. Seamons, Interoperable strategies in automated trust negotiation. In: Proceedings of the 8th ACM conference on Computer and Communications Security. 146-155. DOI=10.1145/501983.502004. 2001.
23. T. Yu, M. Winslett, and K. E. Seamons, Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security (TISSEC), 6(1), 1-42. DOI=10.1145/605434.605435. 2003.
24. E. Yuan, and J. Tong, Attributed based access control (ABAC) for Web services. In: Proceedings of the IEEE International Conference on Web Services (ICWS '05). DOI= 10.1109/ICWS.2005.25. 2005.
25. Y. Zhang, and T. Ishaya, An XML-based Protocol for Improving Trust Negotiation in Web Services. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC '12). DOI= 10.1145/2245276.2232098.2012