Responding to Policies at Runtime in TrustBuilder

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Bryan Smith Articles by Kent E. Seamons Articles by Michael D. Jones

Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'04)

Yorktown Heights, New York

June 07-June 09

ISBN: 0-7695-2141-X

	ASCII Text	x
	Bryan Smith, Kent E. Seamons, Michael D. Jones, "Responding to Policies at Runtime in TrustBuilder," Policies for Distributed Systems and Networks, IEEE International Workshop on, pp. 149, Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'04), 2004.

	BibTex	x
	@article{ 10.1109/POLICY.2004.1309161, author = {Bryan Smith and Kent E. Seamons and Michael D. Jones}, title = {Responding to Policies at Runtime in TrustBuilder}, journal ={Policies for Distributed Systems and Networks, IEEE International Workshop on}, volume = {0}, year = {2004}, isbn = {0-7695-2141-X}, pages = {149}, doi = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2004.1309161}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Policies for Distributed Systems and Networks, IEEE International Workshop on TI - Responding to Policies at Runtime in TrustBuilder SN - 0-7695-2141-X SP EP A1 - Bryan Smith, A1 - Kent E. Seamons, A1 - Michael D. Jones, PY - 2004 KW - null VL - 0 JA - Policies for Distributed Systems and Networks, IEEE International Workshop on ER -

Bryan Smith, Brigham Young University, Provo, Utah

Kent E. Seamons, Brigham Young University, Provo, Utah

Michael D. Jones, Brigham Young University, Provo, Utah

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/POLICY.2004.1309161

Automated trust negotiation is the process of establishing trust between entities with no prior relationship through the iterative disclosure of digital credentials. One approach to negotiating trust is for the participants to exchange access control policies to inform each other of the requirements for establishing trust. When a policy is received at run-time, a compliance checker determines which credentials satisfy the policy so they can be disclosed. In situations where several sets of credentials satisfy a policy and some of the credentials are sensitive, a compliance checker that generates all the sets is necessary to insure that the negotiation succeeds whenever possible. Compliance checkers designed for trust management do not usually generate all the satisfying sets. In this paper, we present two practical algorithms for generating all satisfying sets given a compliance checker that generates only one set. The ability to generate all of the combinations provides greater flexibility in how the system or user establishes trust. For example, the least sensitive credential combination could be disclosed first. These ideas have been implemented in TrustBuilder, our prototype system for trust negotiation.

Citation:

Bryan Smith, Kent E. Seamons, Michael D. Jones, "Responding to Policies at Runtime in TrustBuilder," policy, pp.149, Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.