Interoperable strategies in automated trust negotiation

Ting Yu, Marianne Winslett, Kent E. Seamons

Research output: Chapter in Book/Report/Conference proceedingConference contribution

98 Citations (Scopus)


Automated trust negotiation is an approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. We introduce the concept of a trust negotiation protocol, which defines the ordering of messages and the type of information messages will contain. To carry out trust negotiation, a party pairs its negotiation protocol with a trust negotiation strategy that controls the exact content of the messages, i.e., which credentials to disclose, when to disclose them, and when to terminate a negotiation. There are a huge number of possible strategies for negotiating trust, each with different properties with respect to speed of negotiations and caution in giving out credentials and policies. In the autonomous world of the Internet, entities will want the freedom to choose negotiation strategies that meet their own goals, which means that two strangers who negotiate trust will often not use the same strategy. To date, only a tiny fraction of the space of possible negotiation strategies has been explored, and no two of the strategies proposed so far will interoperate. In this paper, we define a large set of strategies called the disclosure tree strategy (DTS) family. Then we prove that if two parties each choose strategies from the DTS family, then they will be able to negotiate trust as well as if they were both using the same strategy. Further, they can change strategies at any point during negotiation. We also show that the DTS family is closed, i.e, any strategy that can interoperate with every strategy in the DTS family must also be a member of the DTS family. We also give examples of practical strategies that belong to the DTS family and fit within the TrustBuilder architecture and protocol for trust negotiation.

Original languageEnglish
Title of host publicationProceedings of the ACM Conference on Computer and Communications Security
EditorsP. Samarati
Number of pages10
Publication statusPublished - 1 Dec 2001
Externally publishedYes
EventProceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8) - Philadelphia, PA, United States
Duration: 5 Nov 20018 Nov 2001


OtherProceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8)
CountryUnited States
CityPhiladelphia, PA


ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Yu, T., Winslett, M., & Seamons, K. E. (2001). Interoperable strategies in automated trust negotiation. In P. Samarati (Ed.), Proceedings of the ACM Conference on Computer and Communications Security (pp. 146-155)