Interoperable strategies in automated trust negotiation

Ting Yu, Marianne Winslett, Kent E. Seamons

Research output: Chapter in Book/Report/Conference proceedingConference contribution

98 Citations (Scopus)

Abstract

Automated trust negotiation is an approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. We introduce the concept of a trust negotiation protocol, which defines the ordering of messages and the type of information messages will contain. To carry out trust negotiation, a party pairs its negotiation protocol with a trust negotiation strategy that controls the exact content of the messages, i.e., which credentials to disclose, when to disclose them, and when to terminate a negotiation. There are a huge number of possible strategies for negotiating trust, each with different properties with respect to speed of negotiations and caution in giving out credentials and policies. In the autonomous world of the Internet, entities will want the freedom to choose negotiation strategies that meet their own goals, which means that two strangers who negotiate trust will often not use the same strategy. To date, only a tiny fraction of the space of possible negotiation strategies has been explored, and no two of the strategies proposed so far will interoperate. In this paper, we define a large set of strategies called the disclosure tree strategy (DTS) family. Then we prove that if two parties each choose strategies from the DTS family, then they will be able to negotiate trust as well as if they were both using the same strategy. Further, they can change strategies at any point during negotiation. We also show that the DTS family is closed, i.e, any strategy that can interoperate with every strategy in the DTS family must also be a member of the DTS family. We also give examples of practical strategies that belong to the DTS family and fit within the TrustBuilder architecture and protocol for trust negotiation.

Original languageEnglish
Title of host publicationProceedings of the ACM Conference on Computer and Communications Security
EditorsP. Samarati
Pages146-155
Number of pages10
Publication statusPublished - 1 Dec 2001
Externally publishedYes
EventProceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8) - Philadelphia, PA, United States
Duration: 5 Nov 20018 Nov 2001

Other

OtherProceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8)
CountryUnited States
CityPhiladelphia, PA
Period5/11/018/11/01

Fingerprint

Network protocols
Access control
Internet

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Yu, T., Winslett, M., & Seamons, K. E. (2001). Interoperable strategies in automated trust negotiation. In P. Samarati (Ed.), Proceedings of the ACM Conference on Computer and Communications Security (pp. 146-155)

Interoperable strategies in automated trust negotiation. / Yu, Ting; Winslett, Marianne; Seamons, Kent E.

Proceedings of the ACM Conference on Computer and Communications Security. ed. / P. Samarati. 2001. p. 146-155.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yu, T, Winslett, M & Seamons, KE 2001, Interoperable strategies in automated trust negotiation. in P Samarati (ed.), Proceedings of the ACM Conference on Computer and Communications Security. pp. 146-155, Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8), Philadelphia, PA, United States, 5/11/01.
Yu T, Winslett M, Seamons KE. Interoperable strategies in automated trust negotiation. In Samarati P, editor, Proceedings of the ACM Conference on Computer and Communications Security. 2001. p. 146-155
Yu, Ting ; Winslett, Marianne ; Seamons, Kent E. / Interoperable strategies in automated trust negotiation. Proceedings of the ACM Conference on Computer and Communications Security. editor / P. Samarati. 2001. pp. 146-155
@inproceedings{72c811f214074a24b1e9517f153e4010,
title = "Interoperable strategies in automated trust negotiation",
abstract = "Automated trust negotiation is an approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. We introduce the concept of a trust negotiation protocol, which defines the ordering of messages and the type of information messages will contain. To carry out trust negotiation, a party pairs its negotiation protocol with a trust negotiation strategy that controls the exact content of the messages, i.e., which credentials to disclose, when to disclose them, and when to terminate a negotiation. There are a huge number of possible strategies for negotiating trust, each with different properties with respect to speed of negotiations and caution in giving out credentials and policies. In the autonomous world of the Internet, entities will want the freedom to choose negotiation strategies that meet their own goals, which means that two strangers who negotiate trust will often not use the same strategy. To date, only a tiny fraction of the space of possible negotiation strategies has been explored, and no two of the strategies proposed so far will interoperate. In this paper, we define a large set of strategies called the disclosure tree strategy (DTS) family. Then we prove that if two parties each choose strategies from the DTS family, then they will be able to negotiate trust as well as if they were both using the same strategy. Further, they can change strategies at any point during negotiation. We also show that the DTS family is closed, i.e, any strategy that can interoperate with every strategy in the DTS family must also be a member of the DTS family. We also give examples of practical strategies that belong to the DTS family and fit within the TrustBuilder architecture and protocol for trust negotiation.",
author = "Ting Yu and Marianne Winslett and Seamons, {Kent E.}",
year = "2001",
month = "12",
day = "1",
language = "English",
pages = "146--155",
editor = "P. Samarati",
booktitle = "Proceedings of the ACM Conference on Computer and Communications Security",

}

TY - GEN

T1 - Interoperable strategies in automated trust negotiation

AU - Yu, Ting

AU - Winslett, Marianne

AU - Seamons, Kent E.

PY - 2001/12/1

Y1 - 2001/12/1

N2 - Automated trust negotiation is an approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. We introduce the concept of a trust negotiation protocol, which defines the ordering of messages and the type of information messages will contain. To carry out trust negotiation, a party pairs its negotiation protocol with a trust negotiation strategy that controls the exact content of the messages, i.e., which credentials to disclose, when to disclose them, and when to terminate a negotiation. There are a huge number of possible strategies for negotiating trust, each with different properties with respect to speed of negotiations and caution in giving out credentials and policies. In the autonomous world of the Internet, entities will want the freedom to choose negotiation strategies that meet their own goals, which means that two strangers who negotiate trust will often not use the same strategy. To date, only a tiny fraction of the space of possible negotiation strategies has been explored, and no two of the strategies proposed so far will interoperate. In this paper, we define a large set of strategies called the disclosure tree strategy (DTS) family. Then we prove that if two parties each choose strategies from the DTS family, then they will be able to negotiate trust as well as if they were both using the same strategy. Further, they can change strategies at any point during negotiation. We also show that the DTS family is closed, i.e, any strategy that can interoperate with every strategy in the DTS family must also be a member of the DTS family. We also give examples of practical strategies that belong to the DTS family and fit within the TrustBuilder architecture and protocol for trust negotiation.

AB - Automated trust negotiation is an approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. We introduce the concept of a trust negotiation protocol, which defines the ordering of messages and the type of information messages will contain. To carry out trust negotiation, a party pairs its negotiation protocol with a trust negotiation strategy that controls the exact content of the messages, i.e., which credentials to disclose, when to disclose them, and when to terminate a negotiation. There are a huge number of possible strategies for negotiating trust, each with different properties with respect to speed of negotiations and caution in giving out credentials and policies. In the autonomous world of the Internet, entities will want the freedom to choose negotiation strategies that meet their own goals, which means that two strangers who negotiate trust will often not use the same strategy. To date, only a tiny fraction of the space of possible negotiation strategies has been explored, and no two of the strategies proposed so far will interoperate. In this paper, we define a large set of strategies called the disclosure tree strategy (DTS) family. Then we prove that if two parties each choose strategies from the DTS family, then they will be able to negotiate trust as well as if they were both using the same strategy. Further, they can change strategies at any point during negotiation. We also show that the DTS family is closed, i.e, any strategy that can interoperate with every strategy in the DTS family must also be a member of the DTS family. We also give examples of practical strategies that belong to the DTS family and fit within the TrustBuilder architecture and protocol for trust negotiation.

UR - http://www.scopus.com/inward/record.url?scp=0035747337&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0035747337&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:0035747337

SP - 146

EP - 155

BT - Proceedings of the ACM Conference on Computer and Communications Security

A2 - Samarati, P.

ER -