Automated trust negotiation

Automated trust negotiation

Distributed software subjects face the problem of determining one another's trustworthiness. The problem considered is managing the exchange of credentials between strangers for the purpose of property-based authentication and authorization when credentials are sensitive. An architecture for tr...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Winsborough, W.H., Seamons, K.E., Jones, V.E.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Authentication
Authorization
Electrical capacitance tomography
Guidelines
Humans
Open systems
Software agents
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Distributed software subjects face the problem of determining one another's trustworthiness. The problem considered is managing the exchange of credentials between strangers for the purpose of property-based authentication and authorization when credentials are sensitive. An architecture for trust negotiation between client and server is presented. The notion of a trust negotiation strategy is introduced and examined with respect to an abstract model of trust negotiation. Two strategies with very different properties are defined and analyzed. A language of credential expressions is presented, with two example negotiations illustrating the two negotiation strategies. Ongoing work on policies governing credential disclosure and trust negotiation is summarized.
DOI:10.1109/DISCEX.2000.824965