DocumentCode :
3398170
Title :
Automated trust negotiation in attribute-based access control
Author :
Winsborough, William H. ; Jacobs, Jay
Author_Institution :
Network Associates Labs., Rockville, MD, USA
Volume :
2
fYear :
2003
fDate :
22-24 April 2003
Firstpage :
252
Abstract :
Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated trust negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access control policies. Prior ATN work makes unrealistic simplifying assumptions about credential-representation languages and credential storage. Moreover, while prior work protects the transmission of credentials, it does not hide the contents of credentials, thus providing unintended access to potentially sensitive attributes. To protect information about sensitive attributes, we have introduced the notion of attribute acknowledgment policies (Ack policies). We have further introduced and implemented the trust target graph (TTG) protocol, which supports a more realistic credential language, Ack policies, and distributed storage of credentials.
Keywords :
authorisation; distributed processing; military computing; protocols; Ack policies; DARPA; TTG protocol; attribute acknowledgment policies; attribute credentials; attribute-based access control; automated trust negotiation; credential language; distributed storage; mutual trust; sensitive credentials exchange; trust target graph; Access control;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2003. Proceedings
Print_ISBN :
0-7695-1897-4
Type :
conf
DOI :
10.1109/DISCEX.2003.1194974
Filename :
1194974