Preventing attribute information leakage in automated trust negotiation

Keith Irwin, Ting Yu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

31 Citations (Scopus)

Abstract

Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. Ideally, sensitive information should not be known by others unless its access control policy has been satisfied. However, due to bilateral information exchange, information may flow to others in a variety of forms, many of which cannot be protected by access control policies alone. In particular, sensitive information may be inferred by observing negotiation participants' behavior even when access control policies are strictly enforced. In this paper, we propose a general framework for the safety of trust negotiation systems. Compared to the existing safety model, our framework focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed framework, we develop policy databases as a mechanism to help prevent unauthorized information inferences during trust negotiation. We show that policy databases achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting users' autonomy in defining their own policies.

Original language: English
Title of host publication: Proceedings of the ACM Conference on Computer and Communications Security
Pages: 36-45
Number of pages: 10
DOIs: https://doi.org/10.1145/1102120.1102128
Publication status: Published - 1 Dec 2005
Externally published: Yes
Event: CCS 2005 - 12th ACM Conference on Computer and Communications Security - Alexandria, VA, United States
Duration: 7 Nov 2005 to 11 Nov 2005

Other

Other: CCS 2005 - 12th ACM Conference on Computer and Communications Security
Country: United States
City: Alexandria, VA
Period: 7/11/05 to 11/11/05

Fingerprint

Access control

Keywords

  • Attribute-based access control
  • Privacy
  • Trust negotiation

ASJC Scopus subject areas

  • Computer Science (all)

Cite this

Irwin, K., & Yu, T. (2005). Preventing attribute information leakage in automated trust negotiation. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 36-45) https://doi.org/10.1145/1102120.1102128

Preventing attribute information leakage in automated trust negotiation. / Irwin, Keith; Yu, Ting.

Proceedings of the ACM Conference on Computer and Communications Security. 2005. p. 36-45.

Irwin, K & Yu, T 2005, Preventing attribute information leakage in automated trust negotiation. in Proceedings of the ACM Conference on Computer and Communications Security. pp. 36-45, CCS 2005 - 12th ACM Conference on Computer and Communications Security, Alexandria, VA, United States, 7/11/05. https://doi.org/10.1145/1102120.1102128
Irwin K, Yu T. Preventing attribute information leakage in automated trust negotiation. In Proceedings of the ACM Conference on Computer and Communications Security. 2005. p. 36-45 https://doi.org/10.1145/1102120.1102128
Irwin, Keith ; Yu, Ting. / Preventing attribute information leakage in automated trust negotiation. Proceedings of the ACM Conference on Computer and Communications Security. 2005. pp. 36-45
@inproceedings{0dc8c14efa9744d2a4df7b275e648aeb,
title = "Preventing attribute information leakage in automated trust negotiation",
abstract = "Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. Ideally, sensitive information should not be known by others unless its access control policy has been satisfied. However, due to bilateral information exchange, information may flow to others in a variety of forms, many of which cannot be protected by access control policies alone. In particular, sensitive information may be inferred by observing negotiation participants' behavior even when access control policies are strictly enforced. In this paper, we propose a general framework for the safety of trust negotiation systems. Compared to the existing safety model, our framework focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed framework, we develop policy databases as a mechanism to help prevent unauthorized information inferences during trust negotiation. We show that policy databases achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting users' autonomy in defining their own policies.",
keywords = "Attribute-based access control, Privacy, Trust negotiation",
author = "Keith Irwin and Ting Yu",
year = "2005",
month = "12",
day = "1",
doi = "10.1145/1102120.1102128",
language = "English",
isbn = "1595932267",
pages = "36--45",
booktitle = "Proceedings of the ACM Conference on Computer and Communications Security",

}

TY - GEN

T1 - Preventing attribute information leakage in automated trust negotiation

AU - Irwin, Keith

AU - Yu, Ting

PY - 2005/12/1

Y1 - 2005/12/1

N2 - Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. Ideally, sensitive information should not be known by others unless its access control policy has been satisfied. However, due to bilateral information exchange, information may flow to others in a variety of forms, many of which cannot be protected by access control policies alone. In particular, sensitive information may be inferred by observing negotiation participants' behavior even when access control policies are strictly enforced. In this paper, we propose a general framework for the safety of trust negotiation systems. Compared to the existing safety model, our framework focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed framework, we develop policy databases as a mechanism to help prevent unauthorized information inferences during trust negotiation. We show that policy databases achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting users' autonomy in defining their own policies.

KW - Attribute-based access control

KW - Privacy

KW - Trust negotiation

UR - http://www.scopus.com/inward/record.url?scp=33745772562&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33745772562&partnerID=8YFLogxK

U2 - 10.1145/1102120.1102128

DO - 10.1145/1102120.1102128

M3 - Conference contribution

SN - 1595932267

SN - 9781595932266

SP - 36

EP - 45

BT - Proceedings of the ACM Conference on Computer and Communications Security

ER -