
Automated trust negotiation using cryptographic credentials

Published: 06 November 2009

Abstract

In automated trust negotiation (ATN), two parties exchange digitally signed credentials that contain attribute information to establish trust and make access control decisions. Because the information in question is often sensitive, credentials are protected according to access control policies. In traditional ATN, credentials are transmitted either in their entirety or not at all. This approach can at times fail unnecessarily, either because a cyclic dependency makes neither negotiator willing to reveal her credential before her opponent, because the opponent must be authorized for all attributes packaged together in a credential to receive any of them, or because it is necessary to disclose the precise attribute values, rather than merely proving they satisfy some predicate (such as being over 21 years of age). Recently, several cryptographic credential schemes and associated protocols have been developed to address these and other problems. However, they can be used only as fragments of an ATN process. This article introduces a framework for ATN in which the diverse credential schemes and protocols can be combined, integrated, and used as needed. A policy language is introduced that enables negotiators to specify authorization requirements that must be met by an opponent to receive various amounts of information about certified attributes and the credentials that contain it. The language also supports the use of uncertified attributes, allowing them to be required as part of policy satisfaction, and to place their (automatic) disclosure under policy control.
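The cyclic-dependency failure of traditional, all-or-nothing ATN described in the abstract can be reproduced with a small simulation. This is an added example, not code from the article: the eager disclosure strategy, the policy encoding (each credential is released once a set of opponent credentials has been received) and all credential names are assumptions made for illustration.

```python
# Toy model of traditional (all-or-nothing) ATN with an eager strategy.
# A policy maps each credential to the set of opponent credentials that
# must already have been received before it may be sent.
# All credential names below are constructed sample data.

def negotiate(client, server, resource_policy):
    """Return (granted, transcript, blocked).

    client / server: dict credential -> set of opponent credentials required.
    resource_policy: client credentials the server needs to grant access.
    blocked: credentials each side still withholds when negotiation stops.
    """
    sent = {"client": set(), "server": set()}
    policies = {"client": client, "server": server}
    transcript = []
    progress = True
    # Stop on success, or when a full round discloses nothing new (deadlock).
    while progress and not resource_policy <= sent["client"]:
        progress = False
        for me, peer in (("client", "server"), ("server", "client")):
            unlocked = {c for c, req in policies[me].items()
                        if c not in sent[me] and req <= sent[peer]}
            if unlocked:
                sent[me] |= unlocked
                transcript.append((me, sorted(unlocked)))
                progress = True
    granted = resource_policy <= sent["client"]
    blocked = {side: sorted(set(policies[side]) - sent[side])
               for side in ("client", "server")}
    return granted, transcript, blocked

def acyclic_case():
    # student_id is freely disclosable and unlocks the server's credential.
    client = {"student_id": set(), "clearance": {"bbb_member"}}
    server = {"bbb_member": {"student_id"}}
    return negotiate(client, server, {"clearance"})

def cyclic_case():
    # Each side demands the other's credential first: nobody can move.
    client = {"clearance": {"agency_id"}}
    server = {"agency_id": {"clearance"}}
    return negotiate(client, server, {"clearance"})

if __name__ == "__main__":
    print(acyclic_case())
    print(cyclic_case())
```

In the cyclic case both parties actually hold the credentials the other wants, yet the negotiation ends with an empty transcript; this is the unnecessary failure that the cryptographic credential protocols mentioned in the abstract are meant to avoid.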


Published In

ACM Transactions on Information and System Security  Volume 13, Issue 1
October 2009
289 pages
ISSN:1094-9224
EISSN:1557-7406
DOI:10.1145/1609956

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 November 2009
Accepted: 01 August 2007
Revised: 01 April 2007
Received: 01 February 2006
Published in TISSEC Volume 13, Issue 1


Author Tags

  1. Access control
  2. automated trust negotiation
  3. digital credentials
  4. privacy

Qualifiers

  • Research-article
  • Research
  • Refereed
