Responding to policies at runtime in TrustBuilder

Smith, Bryan L.; Seamons, Kent E.; Jones, Michael

doi:10.1109/policy.2004.1309161

Cited by 19 publications

(16 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…During our experiments, the client process spent, on average, 226 ms interacting with the compliance checker during a single trust negotiation. The complexity of the compliance checking process has also been observed in other, independent trust negotiation implementations (e.g., see [23]). This suggests that a novel and highly-effective denial of service attack against trust negotiationenabled services is to force the use of the remote party's compliance checker.…”

Section: Attacks and Future Researchmentioning

confidence: 66%

TrustBuilder2: A Reconfigurable Framework for Trust Negotiation

Lee

Winslett

Perano

2009

Trust Management III

View full text Add to dashboard Cite

Abstract. To date, research in trust negotiation has focused mainly on the theoretical aspects of the trust negotiation process, and the development of proof of concept implementations. These theoretical works and proofs of concept have been quite successful from a research perspective, and thus researchers must now begin to address the systems constraints that act as barriers to the deployment of these systems. To this end, we present TrustBuilder2, a fully-configurable and extensible framework for prototyping and evaluating trust negotiation systems. TrustBuilder2 leverages a plug-in based architecture, extensible data type hierarchy, and flexible communication protocol to provide a framework within which numerous trust negotiation protocols and system configurations can be quantitatively analyzed. In this paper, we discuss the design and implementation of TrustBuilder2, study its performance, examine the costs associated with flexible authorization systems, and leverage this knowledge to identify potential topics for future research, as well as a novel method for attacking trust negotiation systems.

show abstract

Section: Attacks and Future Researchmentioning

confidence: 66%

TrustBuilder2: A Reconfigurable Framework for Trust Negotiation

Lee

Winslett

Perano

2009

Trust Management III

View full text Add to dashboard Cite

show abstract

“…The typical setup is that someone or a process wants to perform some action on a resource. Therefore, a request is sent (2) to the component that actually protects that resource (like a filesystem or a Web server), called a Policy Enforcement Point (PEP). The PEP will form a request, in its native request format, based on the requestor's attributes, the resource in question, the action, and other information pertaining to the request.…”

Section: A Brief Introduction To Xacmlmentioning

confidence: 99%

“…In [1][2][3], authors suggest a prototype for trust establishment called TrustBuilder. It allows negotiating trust across organizational boundaries, between entities from different security domains.…”

mentioning

confidence: 99%

XeNA: an access negotiation framework using XACML

et al. 2008

View full text Add to dashboard Cite

XeNA is a new model for the negotiation of access within an extended eXtensible Access Control Markup Language (XACML) architecture. We bring together trust management through a negotiation process and access control management within the same architecture. The negotiation process based on resource classification methodology occurs before the access control management. A negotiation module at the core of this negotiation process is in charge of collecting resources required to establish a level of trust and to insure a successful evaluation of access. The access control management is based on an extended RoleBased Access Control (RBAC) profile of XACML. This extended profile responds to advanced access control requirements and allows the expression of several access control models within XACML.

show abstract

“…IBM specified the Trust Policy Language for a role based access control scheme that uses credentials to determine which roles a principal can obtain. TrustBuilder [12] uses this language to implement a trust negotiation system that incorporates trust reputation measures. PeerTrust [10] is an ATN system that can handle X.509 certificates and import RDF for its policies.…”

Section: Related Workmentioning

confidence: 99%

“…However, the draft neglects the protection of sensitive information during the negotiation and requires session state at the participating hosts. The research on Automated Trust Negotiation (ATN) [14] [12] [2] deals with automatically establishing mutual trust between strangers by an iterative credential exchange. Automated Trust Negotiation systems use a policy driven iterative negotiation process to reach an agreement between two parties that need not have a prior trust relationship.…”

Section: Introductionmentioning

confidence: 99%

Automated Trust Negotiation in Autonomic Environments

Klenk

Petri

Radier

et al.

Self-Organizing Systems

View full text Add to dashboard Cite

Abstract. Autonomic computing environments rely on devices that are able to make intelligent decisions without human supervision. Automated Trust Negotiation supports the cooperation of devices with no prior trust relationship. They can reach an agreement by iteratively exchanging credentials during a negotiation process. These credentials can serve as authorization tokens or may carry information that becomes a parameter of the further service usage. A careful negotiation strategy helps in protecting sensitive credentials that must only be available to authorized entities. We introduce the VersaTrust framework that supports a stateless negotiation protocol to reach comprehensive agreements. We argue how this approach applies to autonomic environments and demonstrate its scalability.

show abstract

Responding to policies at runtime in TrustBuilder

Cited by 19 publications

References 21 publications

TrustBuilder2: A Reconfigurable Framework for Trust Negotiation

TrustBuilder2: A Reconfigurable Framework for Trust Negotiation

XeNA: an access negotiation framework using XACML

Automated Trust Negotiation in Autonomic Environments

Contact Info

Product

Resources

About