A New Approach to Hide Policy for Automated Trust Negotiation

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 4266)

Abstract

Automated trust negotiation (ATN) is an important approach for establishing trust between strangers through the exchange of credentials and access control policies. In practice, an access control policy may contain sensitive information. The negotiation process becomes complicated when the access control policy is made complex in order to avoid information leakage. Furthermore, if the access control policy has conflicts or cycles, normal negotiation strategies often fail. In this paper, a new approach to hiding access control policy is proposed, based on a study of the existing problems. In the approach, policy consistency is checked in order to detect policy conflicts. A 0-1 table is used to implement it as well as to discover the minimal credential set. A practical example shows that the approach is suitable and can effectively protect sensitive information in access control policy.

The paper is supported by the National Natural Science Foundation of China under grants No. 90412010 and No. 60503040.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jin, H., Liao, Z., Zou, D., Qiang, W. (2006). A New Approach to Hide Policy for Automated Trust Negotiation. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S. (eds) Advances in Information and Computer Security. IWSEC 2006. Lecture Notes in Computer Science, vol 4266. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11908739_12

  • DOI: https://doi.org/10.1007/11908739_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-47699-3

  • Online ISBN: 978-3-540-47700-6

  • eBook Packages: Computer Science, Computer Science (R0)
