Wuhan University Journal of Natural Sciences

, Volume 11, Issue 1, pp 253–255 | Cite as

Trust authentication protocol on the Web

  • Guo Ya-jun
  • Hong Fan
Web and Networking Technology


It is unsuitable to use traditional identity-based authentication on the Web where entities are not foreknown to each other. Trust relationship must be established between strangers before authentication. To achieve trust, authentication, the resource-constrained trust negotiation is addressed, and traditional authentication key exchange protocol is extended. Owing to avoiding the heavy computational demands the public key cryptography operations bring about, the authentication protocol is well-suited for security authentication on the Web.

Key words

trust authentication Web 

CLC number

TP 309 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Pirzada A A, McDonald C. Kerberos Assisted Authentication in Mobile Ad-hoc Networks. Castro EV, Ed.,The 27th conference on Australasian Computer Science, New Zealand, Dunedin; 2004,26: 41–46.Google Scholar
  2. [2]
    Blake-Wilson S, Nystrom M, Hopwood D,et al. Transport Layer Security (TLS) Extensions.IETF RFC 3546,June 2003,http://www.faqs.org/rfcs.Google Scholar
  3. [3]
    Balfanz D, Smetters D K, Stewart P,et al. Talking to strangers: authentication in Ad-hoc wireless networks.The 9th Annual Network and Distributed System Security Symposium. San Diego: California, 2002.Google Scholar
  4. [4]
    Bussard L, Roudier Y, Molva R. Untraceable Secret Credentials: Trust Establishment with Privacy.The Second IEEE Annual Conference on Pervasive Computing and Communications Workshops Orlando: Florida, 2004, 122–126.Google Scholar
  5. [5]
    Corradi A, Montanari R, Tibaldi D. Context-Driven Adaptation of Trust Relationships in Pervasive Collaborative Environments.The 2005 Symposium on Applications and the Internet Workshops (SAINT-W'05). Trento: Italy, 2005. 178–181.Google Scholar
  6. [6]
    Winsborough W H, Li N. Safety in Automated Trust Negotiation.In the Proceedings of IEEE Symposium on Security and Privacy. Berkeley, California: IEEE Computer Society Press, 2004. 147–160.Google Scholar
  7. [7]
    Winslett M, Yu T, Seamons K,et al. Trust Negotiation on the Web.IEEE Internet Computing, 2002,6(6): 30–37.CrossRefGoogle Scholar
  8. [8]
    Hess A, Jacobson J, Mills H,et al. Advanced, Client/server Authentication in TLS.In the Network and Distributed System Security Symposium. California: San Diego, 2002.Google Scholar
  9. [9]
    Hess A, Holt J, Jacobson J,et al. Content-Triggered Trust Negotiation.ACM Transactions on Information and System Security, 2004,7(3): 428–456.CrossRefGoogle Scholar
  10. [10]
    Jarvis R. Selective Disclosure of Credential Content During Trust Negotiation. [Master thesis]. Hawaii: Department of Computer Science, Brigham Young University, 2003.Google Scholar

Copyright information

© Springer 2006

Authors and Affiliations

  • Guo Ya-jun
    • 1
    • 2
  • Hong Fan
    • 1
  1. 1.School of Computer Science and TechnologyHuazhong University of Science and TechnologyWuhan HubeiChina
  2. 2.Department of Computer ScienceCentral China Normal UniversityWuhan HubeiChina

Personalised recommendations