Abstract
Trust negotiation is a promising approach for establishing trust in open systems, in which sensitive interactions may often occur between entities with no prior knowledge of each other. Although several trust negotiation systems have been proposed to date, none of them fully addresses the problem of privacy preservation. Today, privacy is one of the major concerns of users when exchanging information through the Web, and thus we believe that trust negotiation systems must effectively address privacy issues in order to be widely applicable. For these reasons, in this paper, we investigate privacy in the context of trust negotiations. We propose a set of privacy-preserving features for inclusion in any trust negotiation system, such as support for the P3P standard, as well as a number of innovative features, such as a novel format for encoding digital credentials specifically designed for preserving privacy. Further, we present a variety of interoperable strategies to carry on the negotiation with the aim of improving both privacy and efficiency.
PP-trust-X: A system for privacy preserving trust negotiations