Abstract
The notion of Hidden Credentials can be applied to the protection of sensitive credentials, resources and policies in Trust Negotiation. It allows the server to encrypt a resource so that only a client with the correct credentials can decrypt it. The existing hidden credentials scheme requires that the server grant access to the encrypted resource directly to the client during the negotiation, without knowing whether or not the client can decrypt it. This would be a burden if the resources were very large. We found that when the server grants access to services rather than resources, the existing hidden credentials schemes are insecure under our policy attacks, since the server can illegally learn the client’s credentials from the attack. In this paper, we propose a scheme to stop the server from mounting a policy attack.
This work is partially supported by the Fund of National Natural Science Foundation of China (#60502047), Education Bureau of Fujian Province (#JB05329), and the Science and Technology of Fujian Province (2006F5036).
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Guo, F., Chen, Z., Mu, Y., Xu, L., Zhang, S. (2007). Secure and Efficient Trust Negotiation. In: Wang, Y., Cheung, Ym., Liu, H. (eds) Computational Intelligence and Security. CIS 2006. Lecture Notes in Computer Science, vol 4456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74377-4_40
DOI: https://doi.org/10.1007/978-3-540-74377-4_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74376-7
Online ISBN: 978-3-540-74377-4
eBook Packages: Computer Science, Computer Science (R0)