Negotiating Disclosure of Sensitive Credentials

نویسندگان

  • Kent E. Seamons
  • Vicki E. Jones
  • William H. Winsborough
چکیده

The problem considered is credential exchange between strangers when credentials are sensitive. A framework is presented for negotiating the exchange of sensitive property-based credentials that are exchanged to establish trust between clients and servers. The notion of a trust negotiation strategy is introduced and two strategies with very different properties are discussed. This article is excerpted from [WSJ].

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation

Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of property-based digital credentials, and the use of mobile access control policies that specify what combinations of credentials a stranger must supply in order to gain access to each local service or credential. In this paper, we show that access control policies can also contain sensit...

متن کامل

A Unified Scheme for Resource Protection in Automated Trust Negotiation

Automated trust negotiation is an approach to establishing trust between strangers through iterative disclosure of digital credentials. In automated trust negotiation, access control policies play a key role in protecting resources from unauthorized access. Unlike in traditional trust management systems, the access control policy for a resource is usually unknown to the party requesting access ...

متن کامل

Protecting Sensitive Credential Content during Trust Negotiation

PROTECTING SENSITIVE CREDENTIAL CONTENT DURING TRUST NEGOTIATION Ryan D. Jarvis Department of Computer Science Master of Science Keeping sensitive information private in a public world is a common concern to users of digital credentials. A digital credential may contain sensitive attributes certifying characteristics about its owner. X.509v3, the most widely used certificate standard, includes ...

متن کامل

Protecting Privacy during On-Line Trust Negotiation

The dramatic growth of services and information on the Internet is accompanied by growing concerns over privacy. Trust negotiation is a new approach to establishing trust between strangers on the Internet through the bilateral exchange of digital credentials, the on-line analogue to the paper credentials people carry in their wallets today. When a credential contains sensitive information, its ...

متن کامل

The Technology of Trust Credential Chain Discovery

Increased connectivity and data availability enable new ways of conducting business, but they also create new security vulnerabilities. For example, to streamline a financial transaction, an organization might want to give certain strangers — that is, parties from outside its security domain — access to some of its local resources. Before doing so, however, the organization must establish firm ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1999