An interactive trust management and negotiation scheme

被引:0
作者
Koshutanski, H [1 ]
Massacci, F [1 ]
机构
[1] Univ Trent, Dipartimento Informat & Telecommun, I-38050 Trento, Italy
来源
FORMAL ASPECTS IN SECURITY AND TRUST | 2005年 / 173卷
关键词
trust management; trust negotiation; interactive trust management; interactive access control; credential-based systems; Internet computing; logics for access control;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Interactive access control allows a server to compute on the fly missing credentials needed to grant access and to adapt its responses on the basis of client's presented and declined credentials. Yet, it may disclose too much information on what credentials a client needs. Automated trust negotiation allows for a controlled disclosure on what credentials a client has during a mutual disclosure process. Yet, it requires pre-arranged policies and sophisticated strategies. How do we bootstrap from simple security policies a comprehensive interactive trust management and negotiation scheme that combines the best of both worlds without their limitations? This is the subject of the paper.
引用
收藏
页码:115 / 128
页数:14
相关论文
共 11 条
[1]  
[Anonymous], 1999, KEYNOTE TRUST MANAGE
[2]  
[Anonymous], ACM T INFORM SYST, DOI DOI 10.1145/605434.605435
[3]   Web service conversation modeling - A cornerstone for E-business automation [J].
Benatallah, B ;
Casati, F ;
Toumani, F .
IEEE INTERNET COMPUTING, 2004, 8 (01) :46-54
[4]   Decentralized trust management [J].
Blaze, M ;
Feigenbaum, J ;
Lacy, J .
1996 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 1996, :164-173
[5]  
BURBERA F, 2003, BUSINESS PROCESS EXE
[6]  
CHADWICK DW, 2002, 7 ACM S ACC CONTR MO, P135
[7]  
KOSHUTANSKI H, 2003, 1 INT WORKSH FORM AS
[8]  
KOSHUTANSKI H, 2004, 19 IFIP INF SEC C SE, P150
[9]   RT:: A role-based trust-management framework [J].
Li, NH ;
Mitchell, JC .
DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, VOL I, PROCEEDINGS, 2003, :201-212
[10]  
WAHL M, 1997, 2251 RFC
12