Abstract
The dramatic growth of services and information on the Internet is accompanied by growing concerns over privacy. Trust negotiation is a new approach to establishing trust between strangers on the Internet through the bilateral exchange of digital credentials, the on-line analogue to the paper credentials people carry in their wallets today. When a credential contains sensitive information, its disclosure is governed by an access control policy that specifies credentials that must be received before the sensitive credential is disclosed. This paper identifies the privacy vulnerabilities present in on-line trust negotiation and the approaches that can be taken to eliminate or minimize those vulnerabilities. The paper proposes modifications to negotiation strategies to help prevent the inadvertent disclosure of credential information during online trust negotiation for those credentials or credential attributes that have been designated as sensitive, private information.
| Original language | English |
|---|---|
| Title of host publication | Privacy Enhancing Technologies - 2nd International Workshop, PET 2002, Revised Papers |
| Editors | Roger Dingledine, Paul Syverson |
| Publisher | Springer Verlag |
| Pages | 129-143 |
| Number of pages | 15 |
| ISBN (Print) | 354000565X, 9783540005650 |
| DOIs | |
| Publication status | Published - 2003 |
| Externally published | Yes |
| Event | 2nd International Workshop on Privacy Enhancing Technologies, PET 2002 - San Francisco, United States Duration: 14 Apr 2002 → 15 Apr 2002 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 2482 |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 2nd International Workshop on Privacy Enhancing Technologies, PET 2002 |
|---|---|
| Country/Territory | United States |
| City | San Francisco |
| Period | 14/04/02 → 15/04/02 |