DocumentCode
3398170
Title
Automated trust negotiation in attribute-based access control
Author
Winsborough, William H. ; Jacobs, Jay
Author_Institution
Network Associates Labs., Rockville, MD, USA
Volume
2
fYear
2003
fDate
22-24 April 2003
Firstpage
252
Abstract
Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated trust negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access control policies. Prior ATN work makes unrealistic simplifying assumptions about credential-representation languages and credential storage. Moreover, while prior work protects the transmission of credentials, it does not hide the contents of credentials, thus providing unintended access to potentially sensitive attributes. To protect information about sensitive attributes, we have introduced the notion of attribute acknowledgment policies (Ack policies). We have further introduced and implemented the trust target graph (TTG) protocol, which supports a more realistic credential language, Ack policies, and distributed storage of credentials.
Keywords
authorisation; distributed processing; military computing; protocols; Ack policies; DARPA; TTG protocol; attribute acknowledgment policies; attribute credentials; attribute-based access control; automated trust negotiation; credential language; distributed storage; mutual trust; sensitive credentials exchange; trust target graph; Access control;
fLanguage
English
Publisher
IEEE
Conference_Titel
DARPA Information Survivability Conference and Exposition, 2003. Proceedings
Print_ISBN
0-7695-1897-4
Type
conf
DOI
10.1109/DISCEX.2003.1194974
Filename
1194974