A unified scheme for resource protection in automated trust negotiation

Ting Yu, M. Winslett

Research output: Chapter in Book/Report/Conference proceedingConference contribution

21 Citations (Scopus)


Automated trust negotiation is an approach to establishing trust between strangers through iterative disclosure of digital credentials. In automated trust negotiation, access control policies play a key role in protecting resources from unauthorized access. Unlike in traditional trust management systems, the access control policy for a resource is usually unknown to the party requesting access to the resource, when trust negotiation starts. The negotiating parties can rely on policy disclosures to learn each other's access control requirements. However a policy itself may also contain sensitive information. Disclosing policies' contents unconditionally may leak valuable business information or jeopardize individuals' privacy. In this paper we propose UniPro, a unified scheme to model protection of resources, including policies, in trust negotiation. UniPro improves on previous work by modeling policies as first-class resources, protecting them in the same way as other resources, providing fine-grained control over policy disclosure, and clearly distinguishing between policy disclosure and policy satisfaction, which gives users more flexibility in expressing their authorization requirements. We also show that UniPro can be used with practical negotiation strategies without jeopardizing autonomy in the choice of strategy, and present criteria under which negotiations using UniPro are guaranteed to succeed in establishing trust.

Original languageEnglish
Title of host publicationProceedings - IEEE Symposium on Security and Privacy
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages13
ISBN (Print)0769519407
Publication statusPublished - 2003
Externally publishedYes
Event2003 Symposium on Security and Privacy, SP 2003 - Berkeley, United States
Duration: 11 May 200314 May 2003


Other2003 Symposium on Security and Privacy, SP 2003
CountryUnited States


ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Software
  • Computer Networks and Communications

Cite this

Yu, T., & Winslett, M. (2003). A unified scheme for resource protection in automated trust negotiation. In Proceedings - IEEE Symposium on Security and Privacy (Vol. 2003-January, pp. 110-122). [1199331] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SECPRI.2003.1199331