PRUNES

An efficient and complete strategy for automated trust negotiation over the Internet

Ting Yu, Xiaosong Ma, M. Winslett

Research output: Chapter in Book/Report/Conference proceedingConference contribution

104 Citations (Scopus)

Abstract

The Internet provides an environment where two parties, who are virtually strangers to each other, can make connections and do business together. Before any actual business starts, a certain level of trust should be established. Each party should make sure that the other one is qualified and can be trusted for the ongoing business. Property-based digital credentials [1] make it possible to prove that a party satisfies certain requirements imposed by the ongoing business. The problem is that digital credentials themselves also contain valuable information which a party does not want to show to just any strangers. Therefore, for each credential there is usually a disclosure policy associated with it, indicating under what circumstances this credential can be disclosed. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may either fail when in fact success is possible, disclose irrelevant credentials, or have a high communication complexity. In this paper, we present a trust negotiation strategy, Prudent Negotiation Strategy (PRUNES), that guarantees that trust is established, if allowed by the credential disclosure policies. Meanwhile PRUNES makes sure that no irrelevant credentials are disclosed during trust negotiations. We also prove that PRUNES is efficient: in the worst case, the communication complexity is O(n2) and the computational complexity is O(nm), where n is the number of credentials and m is the size of the credential disclosure policies in disjunctive normal form.

Original languageEnglish
Title of host publicationProceedings of the ACM Conference on Computer and Communications Security
Pages210-219
Number of pages10
Publication statusPublished - 1 Dec 2000
Externally publishedYes
Event7th ACM Conference on Computer Communications Security - Athens, Greece
Duration: 1 Nov 20004 Nov 2000

Other

Other7th ACM Conference on Computer Communications Security
CountryGreece
CityAthens
Period1/11/004/11/00

Fingerprint

Internet
Industry
Communication
Computational complexity

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Yu, T., Ma, X., & Winslett, M. (2000). PRUNES: An efficient and complete strategy for automated trust negotiation over the Internet. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 210-219)

PRUNES : An efficient and complete strategy for automated trust negotiation over the Internet. / Yu, Ting; Ma, Xiaosong; Winslett, M.

Proceedings of the ACM Conference on Computer and Communications Security. 2000. p. 210-219.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yu, T, Ma, X & Winslett, M 2000, PRUNES: An efficient and complete strategy for automated trust negotiation over the Internet. in Proceedings of the ACM Conference on Computer and Communications Security. pp. 210-219, 7th ACM Conference on Computer Communications Security, Athens, Greece, 1/11/00.
Yu T, Ma X, Winslett M. PRUNES: An efficient and complete strategy for automated trust negotiation over the Internet. In Proceedings of the ACM Conference on Computer and Communications Security. 2000. p. 210-219
Yu, Ting ; Ma, Xiaosong ; Winslett, M. / PRUNES : An efficient and complete strategy for automated trust negotiation over the Internet. Proceedings of the ACM Conference on Computer and Communications Security. 2000. pp. 210-219
@inproceedings{8d034d8441ea4e528a5c83cf6af23a98,
title = "PRUNES: An efficient and complete strategy for automated trust negotiation over the Internet",
abstract = "The Internet provides an environment where two parties, who are virtually strangers to each other, can make connections and do business together. Before any actual business starts, a certain level of trust should be established. Each party should make sure that the other one is qualified and can be trusted for the ongoing business. Property-based digital credentials [1] make it possible to prove that a party satisfies certain requirements imposed by the ongoing business. The problem is that digital credentials themselves also contain valuable information which a party does not want to show to just any strangers. Therefore, for each credential there is usually a disclosure policy associated with it, indicating under what circumstances this credential can be disclosed. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may either fail when in fact success is possible, disclose irrelevant credentials, or have a high communication complexity. In this paper, we present a trust negotiation strategy, Prudent Negotiation Strategy (PRUNES), that guarantees that trust is established, if allowed by the credential disclosure policies. Meanwhile PRUNES makes sure that no irrelevant credentials are disclosed during trust negotiations. We also prove that PRUNES is efficient: in the worst case, the communication complexity is O(n2) and the computational complexity is O(nm), where n is the number of credentials and m is the size of the credential disclosure policies in disjunctive normal form.",
author = "Ting Yu and Xiaosong Ma and M. Winslett",
year = "2000",
month = "12",
day = "1",
language = "English",
pages = "210--219",
booktitle = "Proceedings of the ACM Conference on Computer and Communications Security",

}

TY - GEN

T1 - PRUNES

T2 - An efficient and complete strategy for automated trust negotiation over the Internet

AU - Yu, Ting

AU - Ma, Xiaosong

AU - Winslett, M.

PY - 2000/12/1

Y1 - 2000/12/1

N2 - The Internet provides an environment where two parties, who are virtually strangers to each other, can make connections and do business together. Before any actual business starts, a certain level of trust should be established. Each party should make sure that the other one is qualified and can be trusted for the ongoing business. Property-based digital credentials [1] make it possible to prove that a party satisfies certain requirements imposed by the ongoing business. The problem is that digital credentials themselves also contain valuable information which a party does not want to show to just any strangers. Therefore, for each credential there is usually a disclosure policy associated with it, indicating under what circumstances this credential can be disclosed. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may either fail when in fact success is possible, disclose irrelevant credentials, or have a high communication complexity. In this paper, we present a trust negotiation strategy, Prudent Negotiation Strategy (PRUNES), that guarantees that trust is established, if allowed by the credential disclosure policies. Meanwhile PRUNES makes sure that no irrelevant credentials are disclosed during trust negotiations. We also prove that PRUNES is efficient: in the worst case, the communication complexity is O(n2) and the computational complexity is O(nm), where n is the number of credentials and m is the size of the credential disclosure policies in disjunctive normal form.

AB - The Internet provides an environment where two parties, who are virtually strangers to each other, can make connections and do business together. Before any actual business starts, a certain level of trust should be established. Each party should make sure that the other one is qualified and can be trusted for the ongoing business. Property-based digital credentials [1] make it possible to prove that a party satisfies certain requirements imposed by the ongoing business. The problem is that digital credentials themselves also contain valuable information which a party does not want to show to just any strangers. Therefore, for each credential there is usually a disclosure policy associated with it, indicating under what circumstances this credential can be disclosed. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may either fail when in fact success is possible, disclose irrelevant credentials, or have a high communication complexity. In this paper, we present a trust negotiation strategy, Prudent Negotiation Strategy (PRUNES), that guarantees that trust is established, if allowed by the credential disclosure policies. Meanwhile PRUNES makes sure that no irrelevant credentials are disclosed during trust negotiations. We also prove that PRUNES is efficient: in the worst case, the communication complexity is O(n2) and the computational complexity is O(nm), where n is the number of credentials and m is the size of the credential disclosure policies in disjunctive normal form.

UR - http://www.scopus.com/inward/record.url?scp=0034449542&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0034449542&partnerID=8YFLogxK

M3 - Conference contribution

SP - 210

EP - 219

BT - Proceedings of the ACM Conference on Computer and Communications Security

ER -