Content-triggered trust negotiation

The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources is usually static, and an access control policy associated with each resource specifies who is au...

Detailed description

Bibliographic details
Published in: ACM transactions on information and system security 2004-08, Vol.7 (3), p.428-456
Main authors: Hess, Adam, Holt, Jason, Jacobson, Jared, Seamons, Kent E
Format: Article
Language: eng
Online access: Full text
container_end_page 456
container_issue 3
container_start_page 428
container_title ACM transactions on information and system security
container_volume 7
creator Hess, Adam
Holt, Jason
Jacobson, Jared
Seamons, Kent E
description The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources is usually static, and an access control policy associated with each resource specifies who is authorized to access the resource. In this article, we turn the traditional client/server access control model on its head and address how to protect the sensitive content that clients disclose to and receive from servers. Since client content is often dynamically generated at run-time, the usual approach of associating a policy with the resource (content) a priori does not work. We propose a general-purpose access control model designed to detect whenever sensitive information is being transmitted, and determine whether the sender or receiver is authorized. The model identifies sensitive content, maps the sensitive content to an access control policy, and establishes the trustworthiness of the sender or receiver before the sensitive content is disclosed or received. We have implemented the model within TrustBuilder, an architecture for negotiating trust between strangers based on properties other than identity. The implementation targets open systems, where clients and servers do not have preexisting trust relationships. The implementation is the first example of content-triggered trust negotiation. It currently supports access control for sensitive content disclosed by web and email clients.
doi_str_mv 10.1145/1015040.1015044
format Article
fulltext fulltext
identifier ISSN: 1094-9224
ispartof ACM transactions on information and system security, 2004-08, Vol.7 (3), p.428-456
issn 1094-9224
2471-2566
1557-7406
2471-2574
language eng
recordid cdi_proquest_miscellaneous_28848191
source ACM Digital Library Complete
subjects Access control
Cybersecurity
Security management
Servers
Studies
Trust
title Content-triggered trust negotiation
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-29T23%3A37%3A51IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Content-triggered%20trust%20negotiation&rft.jtitle=ACM%20transactions%20on%20information%20and%20system%20security&rft.au=Hess,%20Adam&rft.date=2004-08-01&rft.volume=7&rft.issue=3&rft.spage=428&rft.epage=456&rft.pages=428-456&rft.issn=1094-9224&rft.eissn=1557-7406&rft_id=info:doi/10.1145/1015040.1015044&rft_dat=%3Cproquest_cross%3E28848191%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=224655048&rft_id=info:pmid/&rfr_iscdi=true