Sciweavers

CCS
2005
ACM

Preventing attribute information leakage in automated trust negotiation

14 years 5 months ago
Preventing attribute information leakage in automated trust negotiation
Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. Ideally, sensitive information should not be known by others unless its access control policy has been satisfied. However, due to bilateral information exchange, information may flow to others in a variety of forms, many of which cannot be protected by access control policies alone. In particular, sensitive information may be inferred by observing negotiation participants’ behavior even when access control policies are strictly enforced. In this paper, we propose a general framework for the safety of trust negotiation systems. Compared to the existing safety model, our framework focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of ...
Keith Irwin, Ting Yu
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where CCS
Authors Keith Irwin, Ting Yu
Comments (0)