Sciweavers

NDSS
2006
IEEE

Trust Negotiation with Hidden Credentials, Hidden Policies, and Policy Cycles

14 years 6 months ago
Trust Negotiation with Hidden Credentials, Hidden Policies, and Policy Cycles
In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather than the identity) of the requester, via digital credentials: Access is granted if Alice’s credentials satisfy Bob’s access policy. The literature contains many examples where protecting the credentials and the access control policies is useful, and there are numerous protocols that achieve this. In many of these schemes, the server does not learn whether the client obtained access (e.g., to a message, or a service via an eticket). A consequence of this property is that the client can use all of her credentials without fear of “probing” attacks by the server, because the server cannot glean information about which credentials the client has (when this property is lacking, the literature uses a framework where the very use of a credential is subject to a policy specific to that credential). The main resu...
Keith B. Frikken, Jiangtao Li, Mikhail J. Atallah
Added 12 Jun 2010
Updated 12 Jun 2010
Type Conference
Year 2006
Where NDSS
Authors Keith B. Frikken, Jiangtao Li, Mikhail J. Atallah
Comments (0)