DOI: 10.1145/1102120.1102128

Preventing attribute information leakage in automated trust negotiation

Published: 07 November 2005

Abstract

Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. Ideally, sensitive information should not be known by others unless its access control policy has been satisfied. However, due to bilateral information exchange, information may flow to others in a variety of forms, many of which cannot be protected by access control policies alone. In particular, sensitive information may be inferred by observing negotiation participants' behavior even when access control policies are strictly enforced.

In this paper, we propose a general framework for the safety of trust negotiation systems. Compared to the existing safety model, our framework focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed framework, we develop policy databases as a mechanism to help prevent unauthorized information inferences during trust negotiation. We show that policy databases achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting users' autonomy in defining their own policies.



Published In

CCS '05: Proceedings of the 12th ACM conference on Computer and communications security
November 2005
422 pages
ISBN: 1595932267
DOI: 10.1145/1102120
Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

1. attribute-based access control
2. privacy
3. trust negotiation
