Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation

Kent E. Seamons; Marianne Winslett; Ting Yu

Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation

Kent E. Seamons, Marianne Winslett, Ting Yu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of property-based digital credentials, and the use of mobile access control policies that specify what combinations of credentials a stranger must supply in order to gain access to each local service or credential. In this paper, we show that access control policies can also contain sensitive information that should be protected from inappropriate access by strangers during negotiation. We present and analyze two automated trust negotiation strategies that support protection for access control policies. The first is the relevant credentials set strategy, which does not directly disclose access control policies and has a fast running time, but may disclose more credentials than strictly necessary. The second strategy is the all relevant policies strategy, which freely discloses all relevant access control policies that the other negotiating party has earned access to during negotiation, and offers the possibility of disclosing fewer credentials during negotiation.

Original language	English
Title of host publication	Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001
Publisher	The Internet Society
ISBN (Electronic)	189156210X, 9781891562105
Publication status	Published - 2001
Externally published	Yes
Event	8th Symposium on Network and Distributed System Security, NDSS 2001 - San Diego, United States Duration: 8 Feb 2001 → 9 Feb 2001

Publication series

Name	Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001

Conference

Conference	8th Symposium on Network and Distributed System Security, NDSS 2001
Country/Territory	United States
City	San Diego
Period	8/02/01 → 9/02/01

Cite this

@inproceedings{1da24734728845f19ebfb3b178f33f28,

title = "Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation",

abstract = "Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of property-based digital credentials, and the use of mobile access control policies that specify what combinations of credentials a stranger must supply in order to gain access to each local service or credential. In this paper, we show that access control policies can also contain sensitive information that should be protected from inappropriate access by strangers during negotiation. We present and analyze two automated trust negotiation strategies that support protection for access control policies. The first is the relevant credentials set strategy, which does not directly disclose access control policies and has a fast running time, but may disclose more credentials than strictly necessary. The second strategy is the all relevant policies strategy, which freely discloses all relevant access control policies that the other negotiating party has earned access to during negotiation, and offers the possibility of disclosing fewer credentials during negotiation.",

author = "Seamons, {Kent E.} and Marianne Winslett and Ting Yu",

note = "Publisher Copyright: {\textcopyright} 2001 Symposium on Network and Distributed System Security; 8th Symposium on Network and Distributed System Security, NDSS 2001 ; Conference date: 08-02-2001 Through 09-02-2001",

year = "2001",

language = "English",

series = "Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001",

publisher = "The Internet Society",

booktitle = "Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001",

}

Seamons, KE, Winslett, M & Yu, T 2001, Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation. in Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001. Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001, The Internet Society, 8th Symposium on Network and Distributed System Security, NDSS 2001, San Diego, United States, 8/02/01.

Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation. / Seamons, Kent E.; Winslett, Marianne; Yu, Ting.
Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001. The Internet Society, 2001. (Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation

AU - Seamons, Kent E.

AU - Winslett, Marianne

AU - Yu, Ting

PY - 2001

Y1 - 2001

N2 - Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of property-based digital credentials, and the use of mobile access control policies that specify what combinations of credentials a stranger must supply in order to gain access to each local service or credential. In this paper, we show that access control policies can also contain sensitive information that should be protected from inappropriate access by strangers during negotiation. We present and analyze two automated trust negotiation strategies that support protection for access control policies. The first is the relevant credentials set strategy, which does not directly disclose access control policies and has a fast running time, but may disclose more credentials than strictly necessary. The second strategy is the all relevant policies strategy, which freely discloses all relevant access control policies that the other negotiating party has earned access to during negotiation, and offers the possibility of disclosing fewer credentials during negotiation.

AB - Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of property-based digital credentials, and the use of mobile access control policies that specify what combinations of credentials a stranger must supply in order to gain access to each local service or credential. In this paper, we show that access control policies can also contain sensitive information that should be protected from inappropriate access by strangers during negotiation. We present and analyze two automated trust negotiation strategies that support protection for access control policies. The first is the relevant credentials set strategy, which does not directly disclose access control policies and has a fast running time, but may disclose more credentials than strictly necessary. The second strategy is the all relevant policies strategy, which freely discloses all relevant access control policies that the other negotiating party has earned access to during negotiation, and offers the possibility of disclosing fewer credentials during negotiation.

UR - http://www.scopus.com/inward/record.url?scp=85056545124&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85056545124

T3 - Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001

BT - Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001

PB - The Internet Society

T2 - 8th Symposium on Network and Distributed System Security, NDSS 2001

Y2 - 8 February 2001 through 9 February 2001

ER -

Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation

Abstract

Publication series

Conference

Other files and links

Fingerprint

Cite this