DOI: 10.1145/1102120.1102129

Automated trust negotiation using cryptographic credentials

Published: 07 November 2005

Abstract

In automated trust negotiation (ATN), two parties exchange digitally signed credentials that contain attribute information to establish trust and make access control decisions. Because the information in question is often sensitive, credentials are protected according to access control policies. In traditional ATN, credentials are transmitted either in their entirety or not at all. This approach can at times fail unnecessarily, either because a cyclic dependency makes neither negotiator willing to reveal her credential before her opponent, because the opponent must be authorized for all attributes packaged together in a credential to receive any of them, or because it is necessary to fully disclose exact attribute values, rather than merely proving they satisfy some predicate (such as being over 21 years of age). Recently, several cryptographic credential schemes and associated protocols have been developed to address these and other problems. However, they can be used only as fragments of an ATN process. This paper introduces a framework for ATN in which the diverse credential schemes and protocols can be combined, integrated, and used as needed. A policy language is introduced that enables negotiators to specify authorization requirements that must be met by an opponent to receive various amounts of information about certified attributes and the credentials that contain it. The language also supports the use of uncertified attributes, allowing them to be required as part of policy satisfaction, and to place their (automatic) disclosure under policy control.

Published In

CCS '05: Proceedings of the 12th ACM conference on Computer and communications security
November 2005
422 pages
ISBN: 1595932267
DOI: 10.1145/1102120

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. access control
  2. automated trust negotiation
  3. digital credentials
  4. privacy

Qualifiers

  • Article

Conference

CCS05

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
