Towards practical automated trust negotiation

Winsborough, William H.; Li, Ninghui

doi:10.1109/policy.2002.1011297

Cited by 156 publications

(128 citation statements)

References 5 publications

Supporting

Mentioning

128

Contrasting

Order By: Relevance

“…Current trust negotiation prototypes (e.g., [4,5,12,23]) implement incremental consistency by validating credentials as they are received. This approach to credential validation is also discussed in many papers that present protocols and strategies for trust negotiations and distributed proving that, to the best of our knowledge, have not yet been implemented (e.g., [6,14,21,24], to name a few).…”

Section: Definition 8 (Incremental Consistency) a View V Pt E Is Inmentioning

confidence: 99%

“…Two proposed authorization techniques for these types of environments are trust negotiation [4,5,12,14,15,21,23,25] and distributed proving [3,18,24]. In these types of systems, participants collect certified credentials that describe their attributes, environmental conditions, and other state information from any number of external entities.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Safety and consistency in policy-based authorization systems

Lee

Winslett

2006

Proceedings of the 13th ACM Conference on Computer and Communications Security

View full text Add to dashboard Cite

In trust negotiation and other distributed proving systems, networked entities cooperate to form proofs that are justified by collections of certified attributes. These attributes may be obtained through interactions with any number of external entities and are collected and validated over an extended period of time. Though these collections of credentials in some ways resemble partial system snapshots, these systems currently lack the notion of a consistent global state in which the satisfaction of authorization policies should be checked. In this paper, we argue that unlike the notions of consistency studied in other areas of distributed computing, the level of consistency required during policy evaluation is predicated solely upon the security requirements of the policy evaluator. As such, there is little incentive for entities to participate in complicated consistency preservation schemes like those used in distributed computing, distributed databases, and distributed shared memory. We go on to show that the most intuitive notion of consistency fails to provide basic safety guarantees under certain circumstances and then propose several more refined notions of consistency which provide stronger safety guarantees. We provide algorithms that allow each of these refined notions of consistency to be attained in practice with minimal overheads.

show abstract

Section: Definition 8 (Incremental Consistency) a View V Pt E Is Inmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Safety and consistency in policy-based authorization systems

Lee

Winslett

2006

Proceedings of the 13th ACM Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…Their trust establishment framework uses logical rules for accessing services and avoiding the unnecessary disclosure of sensitive information. Winsborough and Li [23] introduced the Trust Target Graph (TTG) protocol for conducting trust negotiation. A particular emphasis of their work was protection against leaking sensitive information during a trust negotiation.…”

Section: Related Workmentioning

confidence: 99%

Multi-level delegations with trust management in access control systems

Sun

Wang

et al. 2012

J Intell Inf Syst

View full text Add to dashboard Cite

Delegation is a mechanism that allows one agent to act on another's privilege. It is important that the privileges should be delegated to a person who is trustworthy. In this paper, we propose a multi-level delegation model with trust management in access control systems. We organize the delegation tasks into three levels, Low, M edium, and High, according to the sensitivity of the information contained in the delegation tasks.It motivates us that the more sensitive the delegated task is, the more trustworthy the delegatee should be. In order to assess how trustworthy a delegatee is, we devise trust evaluation techniques to describe a delegatee's trust history and also predict the future trend of trust. In our proposed delegation model, a delegatee with a higher trust level could be assigned with a higher level delegation task. Extensive experiments show that our proposed multi-level delegation model is effective in accurately predicting trust and avoiding sensitive information disclosure.

show abstract

“…7(b)). In a typical ATN session, the client and server engage in a protocol that results in the collaborative and incremental construction of a directed acyclic graph, called trust-target graph, that represents credentials (e.g., a proof that a party has a certain role in an organization) and policies indicating that the disclosure of a credential by one party is subject to the prior disclosure of a set of credentials by the other party [22]. A tool based on the Grappa system [2], a Java port of Graphviz [7], is used to generate successive drawings of the trust-target graph being constructed in an ATN session.…”

Section: Trust Negotiationmentioning

confidence: 99%

Graph Drawing for Security Visualization

2009

View full text Add to dashboard Cite

Abstract. With the number of devices connected to the internet growing rapidly and software systems being increasingly deployed on the web, security and privacy have become crucial properties for networks and applications. Due the complexity and subtlety of cryptographic methods and protocols, software architects and developers often fail to incorporate security principles in their designs and implementations. Also, most users have minimal understanding of security threats. While several tools for developers, system administrators and security analysts are available, these tools typically provide information in the form of textual logs or tables, which are cumbersome to analyze. Thus, in recent years, the field of security visualization has emerged to provide novel ways to display security-related information so that it is easier to understand. In this work, we give a preliminary survey of approaches to the visualization of computer security concepts that use graph drawing techniques.

show abstract

Towards practical automated trust negotiation

Cited by 156 publications

References 5 publications

Safety and consistency in policy-based authorization systems

Safety and consistency in policy-based authorization systems

Multi-level delegations with trust management in access control systems

Graph Drawing for Security Visualization

Contact Info

Product

Resources

About