Part of the book series: Advances in Information Security (ADIS, volume 33)

Abstract

To trust an entity means to have strong confidence in the integrity and ability of that entity to perform according to one’s expectations [24]. Trust relationships between entities are particularly important when one entity’s action or service may have a great impact on the interests of others. In this chapter, we study how to establish such trust relationships between entities. In particular, we are interested in the establishment of trust relationships between service providers and service requesters in open distributed computing environments.

References

  1. Moritz Y. Becker and Peter Sewell. Cassandra: Distributed access control policies with tunable expressiveness. In Proceedings of the 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY’ 04), pages 159–168, 2004.

  2. E. Bertino, E. Ferrari, and A.C. Squicciarini. Trust-χ: A Peer-to-Peer Framework for Trust Establishment. IEEE Transactions on Knowledge and Data Engineering, 16(7), July 2004.

  3. Elisa Bertino, Elena Ferrari, and Anna Cinzia Squicciarini. X-TNL: An XML-based language for trust negotiations. In Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY’ 03), 2003.

  4. E. Bina, V. Jones, R. McCool, and M. Winslett. Secure Access to Data Over the Internet. In Conference on Parallel and Distributed Information Systems, September 1994.

  5. P. Bonatti and P. Samarati. Regulating Service Access and Information Release on the Web. In Conference on Computer and Communications Security, Athens, November 2000.

  6. P. Bonatti, S. Vimercati, and P. Samarati. A Modular Approach to Composing Access Control Policies. In ACM Conference on Computer and Communication Security, Athens, Greece, November 2000.

  7. Piero Bonatti and Pierangela Samarati. Regulating service access and information release on the web. In 7th ACM Conference on Computer and Communications Security, pages 134–143, 2000.

  8. D. Box, D. Ehnebuske, G. Kakivaya, A. Layman, N. Mendelsohn, H.F. Nielsen, S. Thatte, and D. Winer. Simple Object Access Protocol (SOAP) 1.1. World Wide Web Consortium, May 2000.

  9. R.W. Bradshaw, J.E. Holt, and K.E. Seamons. Concealing complex policies with hidden credentials. In ACM conference on Computer and communications security, Washington DC, USA, 2004.

  10. Scott Cantor, John Kemp, Rob Philpott, and Eve Maler (Editors). Assertions and protocols for the OASIS security assertion markup language (SAML V2.0). OASIS Standard, Mar. 2005. (http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf).

  11. D. Damianou, N. Dulay, E. Lupu, and M. Sloman. The Ponder Policy Specification Language. In 2nd International Workshop on Policies for Distributed Systems and Networks, Bristol, UK, January 2001.

  12. K.B. Frikken, M.J. Atallah, and J. Li. Hidden Access Control Policies with Hidden Credentials. In ACM Workshop on Privacy in Electronic Societies, Washington, DC, October 2004.

  13. Amir Herzberg, Yosi Mass, Joris Michaeli, Dalit Naor, and Yiftach Ravid. Access control meets public key infrastructure, or: assigning roles to strangers. In IEEE Symposium on Security and Privacy, May 2000.

  14. Adam Hess, Jared Jacobson, Hyrum Mills, Ryan Wamsley, Kent E. Seamons, and Bryan Smith. Advanced client/server authentication in TLS. In Network and Distributed Systems Security Symposium, Feb. 2002.

  15. Russell Housley, Warwick Ford, Tim Polk, and David Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. IETF Request for Comments RFC-2459, Jan. 1999.

  16. H. Koshutanski and F. Massacci. Interactive access control for web services. In 19th IFIP Information Security Conference (SEC), pages 151–166, Aug. 2004.

  17. H. Koshutanski and F. Massacci. An interactive trust management and negotiation scheme. In 2nd International Workshop on Formal Aspects in Security and Trust (FAST), pages 139–152, Aug. 2004.

  18. H. Koshutanski and F. Massacci. Interactive credential negotiation for stateful business processes. In 3rd International Conference on Trust Management (iTrust), pages 257–273, May 2005.

  19. Adam J. Lee and Marianne Winslett. Virtual fingerprinting as a foundation for reputation in open systems. In 4th International Conference on Trust Management (iTrust 2006), May 2006.

  20. J. Li and N. Li. OACerts: Oblivious Attribute Certificates. In International Conference on Applied Cryptography and Network Security, New York, NY, June 2005.

  21. N. Li, W. Du, and D. Boneh. Oblivious Signature-Based Envelope. In Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing (PODC 2003). ACM Press, July 2003.

  22. N. Li, W. Winsborough, and J.C. Mitchell. Beyond Proof-of-compliance: Safety and Availability Analysis in Trust Management. In IEEE Symposium on Security and Privacy, Berkeley, California, May 2003.

  23. Ninghui Li and John Mitchell. RT: A role-based trust-management framework. In Third DARPA Information Survivability Conference and Exposition, Apr. 2003.

  24. MANBIZIPP LLC. Frequent Asked Questions.

  25. M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams. X.509 internet public key infrastructure online certificate status protocol-OCSP. IETF Request for Comments RFC 2560, Jun. 1999. (http://www.ietf.org/rfc/rfc2560.txt).

  26. Jason Novotny, Steven Tuecke, and Von Welch. An online credential repository for the grid: MyProxy. In Tenth International Symposium on High Performance Distributed Computing (HPDC-10), Aug. 2001.

  27. B. Schneier. Applied Cryptography, second edition. John Wiley and Sons, Inc., 1996.

  28. K. Seamons, M. Winslett, and T. Yu. Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation. In Network and Distributed System Security Symposium, San Diego, CA, February 2001.

  29. Bryan Smith, Kent E. Seamons, and Michael D. Jones. Responding to policies at runtime in TrustBuilder. In 5th International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), Jun. 2004.

  30. Tim W. van der Horst and Kent E. Seamons. Short paper: Thor — the hybrid online repository. In First IEEE International Conference on Security and Privacy for Emerging Areas in Communications Networks, Sept. 2005.

  31. D. Wijesekera and S. Jajodia. Policy Algebras for Access Control-The Propositional Case. In ACM Conference on Computer and Communication Security, Philadelphia, PA, November 2001.

  32. D. Wijesekera and S. Jajodia. Policy Algebras for Access Control-The Predicate Case. In ACM Conference on Computer and Communication Security, Washington, DC, November 2002.

  33. Marianne Winslett, Ting Yu, Kent E. Seamons, Adam Hess, Jared Jacobson, Ryan Jarvis, Bryan Smith, and Lina Yu. The TrustBuilder architecture for trust negotiation. IEEE Internet Computing, 6(6):30–37, Nov./Dec. 2002.

  34. Marianne Winslett, Charles Zhang, and Piero Andrea Bonatti. PeerAccess: A logic for distributed authorization. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005), Nov. 2005.

  35. W. Winslett, N. Ching, V. Jones, and I. Slepchin. Using Digital Credentials on the World-Wide Web. Journal of Computer Security, pages 255–267, 1997.

  36. T. Yu, X. Ma, and M. Winslett. PRUNES: An Efficient and Complete Strategy for Automated Trust Negotiation over the Internet. In ACM Conference on Computer and Communication Security, Athens, Greece, November 2000.

  37. Ting Yu, Marianne Winslett, and Kent E. Seamons. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security, 6(1), Feb. 2003.

  38. Lidong Zhou, Fred B. Schneider, and Robbert van Renesse. COCA: A secure distributed on-line certification authority. ACM Transactions on Computer Systems, 20(4):329–368, 2002.

© 2007 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Lee, A.J., Seamons, K.E., Winslett, M., Yu, T. (2007). Automated Trust Negotiation in Open Systems. In: Yu, T., Jajodia, S. (eds) Secure Data Management in Decentralized Systems. Advances in Information Security, vol 33. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-27696-0_7

  • DOI: https://doi.org/10.1007/978-0-387-27696-0_7

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-27694-6

  • Online ISBN: 978-0-387-27696-0

  • eBook Packages: Computer Science, Computer Science (R0)
