Article

Adaptive trust negotiation and access control

Authors:

Tatyana Ryutov,

Li Zhou,

Clifford Neuman,

Travis Leithead,

Kent E. SeamonsAuthors Info & Claims

SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies

Pages 139 - 146

https://doi.org/10.1145/1063979.1064004

Published: 01 June 2005 Publication History

Get Access

Abstract

Electronic transactions regularly occur between business partners in separate security domains. Trust negotiation is an approach that provides an open authentication and access-control environment for such transactions, but it is vulnerable to malicious attacks leading to denial of service or leakage of sensitive information. This paper introduces an Adaptive Trust Negotiation and Access Control (ATNAC) framework to solve these problems. The framework combines two existing systems, TrustBuilder and GAA-API, to create a system with more flexibility and responsiveness to attack than either system currently provides.

References

[1]

Becker, M. Y. and Sewell, P. Cassandra: distributed access control policies with tunable expressiveness. In Policies in Distributed Systems and Networks, June 2004.

Digital Library

Google Scholar

[2]

Bertino, B., Ferrari, E., and Squicciarini, A.C. Trust-X: A Peer-to-Peer Framework for Trust Establishment. In IEEE Transactions on Knowledge and Data Engineering, 16, 7 (July 2004).

Digital Library

Google Scholar

[3]

Bonatti, P. and Samarati, P. A Unified Framework for Regulating Access and Information Release on the Web. In Journal of Computer Security, 10, 3, (2002), 241--271.

Digital Library

Google Scholar

[4]

Herzberg, A., Mass, Y., Mihaeli, J., Naor, D., and Ravid, Y. Access control meets public key infrastructure, or: Assigning roles to strangers. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, May 2000, 2--14.

Digital Library

Google Scholar

[5]

Jim, T. SD3: A Trust Management System With Certified Evaluation. In IEEE Symposium on Security and Privacy, Oakland, CA, May 2001.

Digital Library

Google Scholar

[6]

Li, N., Mitchell, J., and Winsborough, W. RT: A role-based trust-management framework. In Proceedings of The Third DARPA Information Survivability Conference and Exposition (DISCEX III), April 2003.

Google Scholar

[7]

Nejdl, W., Olmedilla, D., and Winslett, M. PeerTrust: Automated Trust Negotiation for Peers on the Semantic Web. In Proceedings of the Workshop on Secure Data Management in a Connected World (SDM '04) in conjunction with 30th International Conference on Very Large Databases, Aug./Sept. 2004.

Crossref

Google Scholar

[8]

Ryutov, T. and Neuman, C. The Specification and Enforcement of Advanced Security Policies. In Third International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, CA, June 2002.

Digital Library

Google Scholar

[9]

Ryutov, T., Neuman, C., and Kim, D. Dynamic Authorization and Intrusion Response in Distributed Systems. In Proceedings fo the 3rd DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, D.C., Apr. 2003.

Crossref

Google Scholar

[10]

Ryutov, T., Neuman, C., Kim, D., and Zhou, L. Integrated Access Control and Intrusion Detection for Web Servers. In IEEE Transactions on Parallel and Distributed Systems, 14, 9 (Sept. 2003), 841-850.

Digital Library

Google Scholar

[11]

Skogsrud, H., Benatallah, B., and Casati, F. Model-driven trust negotiation for Web services. IEEE Internet Computing, 7, 6 (Nov./Dec. 2003).

Digital Library

Google Scholar

[12]

Winsborough, W. and Li, N. Towards Practical Automated Trust Negotiation. In Third International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, CA, June 2002.

Digital Library

Google Scholar

[13]

Winsborough, W.H., Seamons, K.E., and Jones, V.E. Automated trust negotiation. In DARPA Information Survivability Conference and Exposition, Volume 1, Hilton Head, SC, 2000, 88-102.

Google Scholar

[14]

Winslett, M., Yu, T., Seamons, K. E., Hess, A., Jacobson, J., Jarvis, R., Smith, B., and Yu, L. Negotiating Trust on the Web. IEEE Internet Computing, 6, 6 (Nov./Dec. 2002).

Digital Library

Google Scholar

Cited By

View all

Parkinson SKhana S(2022)Identifying high-risk over-entitlement in access control policies using fuzzy logicCybersecurity10.1186/s42400-022-00112-15:1Online publication date: 2-Mar-2022
https://doi.org/10.1186/s42400-022-00112-1
Chee YChrisnata JKiah HNguyen T(2019)Deciding the Confusability of Words under Tandem Repeats in Linear TimeACM Transactions on Algorithms10.1145/333851415:3(1-22)Online publication date: 16-Jul-2019
https://dl.acm.org/doi/10.1145/3338514
Mitropoulos DSotiropoulos TKoutsovasilis NSpinellis D(2019)PDGuard: an architecture for the control and secure processing of personal dataInternational Journal of Information Security10.1007/s10207-019-00468-5Online publication date: 24-Sep-2019
https://doi.org/10.1007/s10207-019-00468-5
Show More Cited By

Index Terms

Adaptive trust negotiation and access control
1. Security and privacy
  1. Security services
    1. Access control
    2. Authentication
  2. Systems security
    1. Operating systems security

Recommendations

Denial of service attacks and defenses in decentralized trust management

Trust management is an approach to scalable and flexible access control in decentralized systems. In trust management, a server often needs to evaluate a chain of credentials submitted by a client; this requires the server to perform multiple expensive ...
Membership-Based Access Control for Trust Negotiation in Open Systems
IAS '09: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 02

Nowadays applications are mostly service oriented and cross-boundary, entities involved in the access control process are usually unfamiliar, so traditional access control mechanism, which basically uses the identity of the involved entities to control ...
Enhancing grid security by fine-grained behavioral control and negotiation-based authorization

Nowadays, Grid has become a leading technology in distributed computing. Grid poses a seamless sharing of heterogeneous computational resources belonging to different domains and conducts efficient collaborations between Grid users. The core Grid ...

Comments

Information & Contributors

Information

Published In

SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies

June 2005

186 pages

ISBN:1595930450

DOI:10.1145/1063979

General Chair:
Elena Ferrari
University of Insubria at Como, Italy
,
Program Chair:
Gail-Joon Ahn
University of North Carolina at Charlotte

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 June 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SACMAT05

Sponsor:

SACMAT05: 10th ACM Symposium on Access Control Models and Technologies 2005

June 1 - 3, 2005

Stockholm, Sweden

Acceptance Rates

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

93
Total Citations
View Citations
1,379
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Parkinson SKhana S(2022)Identifying high-risk over-entitlement in access control policies using fuzzy logicCybersecurity10.1186/s42400-022-00112-15:1Online publication date: 2-Mar-2022
https://doi.org/10.1186/s42400-022-00112-1
Chee YChrisnata JKiah HNguyen T(2019)Deciding the Confusability of Words under Tandem Repeats in Linear TimeACM Transactions on Algorithms10.1145/333851415:3(1-22)Online publication date: 16-Jul-2019
https://dl.acm.org/doi/10.1145/3338514
Mitropoulos DSotiropoulos TKoutsovasilis NSpinellis D(2019)PDGuard: an architecture for the control and secure processing of personal dataInternational Journal of Information Security10.1007/s10207-019-00468-5Online publication date: 24-Sep-2019
https://doi.org/10.1007/s10207-019-00468-5
Yaich R(2019)Trust Management Systems: a Retrospective Study on Digital TrustCyber‐Vigilance and Digital Trust10.1002/9781119618393.ch2(51-103)Online publication date: 24-Apr-2019
https://doi.org/10.1002/9781119618393.ch2
Mbanaso UChukwudebe G(2018)Holistic Access Control and Privacy Infrastructure in Distributed EnvironmentAdvances in Science, Technology and Engineering Systems Journal10.25046/aj0306043:6Online publication date: 2018
https://doi.org/10.25046/aj030604
Saxena DVaisla KRauthan M(2018)Abstract Model of Trusted and Secure Middleware Framework for Multi-cloud EnvironmentAdvanced Informatics for Computing Research10.1007/978-981-13-3143-5_38(469-479)Online publication date: 28-Nov-2018
https://doi.org/10.1007/978-981-13-3143-5_38
Thejas GPramod TIyengar SSunitha N(2018)Intelligent Access Control: A Self-Adaptable Trust-Based Access Control (SATBAC) Framework Using Game Theory StrategyProceedings of International Symposium on Sensor Networks, Systems and Security10.1007/978-3-319-75683-7_7(97-111)Online publication date: 24-May-2018
https://doi.org/10.1007/978-3-319-75683-7_7
Demurjian SAlgarín ABi JBerhe SAgresta TWang XBlechner M(2017)A Viewpoint of Security for Digital Health Care in the United StatesHealthcare Ethics and Training10.4018/978-1-5225-2237-9.ch063(1326-1344)Online publication date: 2017
https://doi.org/10.4018/978-1-5225-2237-9.ch063
Sanzi EDemurjian SBillings J(2017)Integrating Trust Profiles, Trust Negotiation, and Attribute Based Access Control2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud)10.1109/MobileCloud.2017.30(177-184)Online publication date: Apr-2017
https://doi.org/10.1109/MobileCloud.2017.30
Sanzi EDemurjian S(2016)Identification and Adaptive Trust Negotiation in Interconnected SystemsInnovative Solutions for Access Control Management10.4018/978-1-5225-0448-1.ch002(33-65)Online publication date: 2016
https://doi.org/10.4018/978-1-5225-0448-1.ch002
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Denial of service attacks and defenses in decentralized trust management

Membership-Based Access Control for Trust Negotiation in Open Systems

Enhancing grid security by fine-grained behavioral control and negotiation-based authorization

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations