Despite recent advances in trust relationship control mechanisms, issues remain that impede the development of effective trust models. One of these is the lack of dynamic mechanisms that can simultaneously achieve both privacy and efficiency when establishing a new trust relationship. Current techniques encourage the client to reveal more attributes than may be required by the web service (resulting in a lack of privacy) or else engage in negotiation with the web service to discover and then serially provide the claims required (resulting in a lack of efficiency). We propose a method whereby the client discovers the web service’s requirements from the service’s policy document, then formulates a single trust primitive by associating a set of client attributes with an identifier, all signed with the token holder's digital signature. This technique allows the client to form trust relationships dynamically and efficiently. Client privacy is preserved because only those attribute...
Zhengping Wu, Alfred C. Weaver