Automated trust negotiation
- 7 November 2002
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Distributed software subjects face the problem of determining one another's trustworthiness. The problem considered is managing the exchange of sensitive credentials between strangers for the purpose of property-based authentication and authorization. An architecture for trust negotiation between client and server is presented. The notion of a trust negotiation strategy is introduced and examined with respect to an abstract model of trust negotiation. Two strategies with very different properties are defined and rigorously analyzed. A language of credential expressions is presented, with two example negotiations illustrating the two negotiation strategies. Ongoing work on policies governing credential disclosure and trust negotiation is summarized. A prototype trust negotiation system has been constructed and is discussed.
This publication has 6 references indexed in Scilit:
- Authorization in the digital library: secure access to services across enterprise boundaries. Published by Institute of Electrical and Electronics Engineers (IEEE), 2002
- Decentralized trust management. Published by Institute of Electrical and Electronics Engineers (IEEE), 2002
- Secure access to data over the Internet. Published by Institute of Electrical and Electronics Engineers (IEEE), 2002
- Authorization and attribute certificates for widely distributed access control. Published by Institute of Electrical and Electronics Engineers (IEEE), 2002
- The KeyNote Trust-Management System Version 2. Published by RFC Editor, 1999
- Using digital credentials on the World Wide Web. Journal of Computer Security, 1997