Skip to main content
placeholder image

Secure and efficient trust negotiation

Journal Article


Abstract


  • The notion of Hidden Credentials can be applied to protection

    of sensitive credentials, resources and policies in Trust Negotiation.

    It allows the server to encrypt a resource so that only the client with the

    correct credentials can decrypt it. The existing scheme of hidden credentials

    requires that the server grant access to the encrypted resource

    directly to the client during the negotiation without knowing whether

    or not the client can decrypt it. It would be a burden if the resources

    were very large. We found that when the server grants access to services

    rather than resources, the existing hidden credentials schemes are

    insecure under our policy attacks, since the server can illegally learn the

    clients credentials from the attack. In this paper, we propose a scheme

    to stop the server from mounting a policy attack.

UOW Authors


  •   Guo, Fuchun
  •   Chen, Zhide (external author)
  •   Mu, Yi (external author)
  •   Xu, Li (external author)
  •   Zhang, Shengyuan (external author)

Publication Date


  • 2007

Citation


  • Guo, F., Chen, Z., Mu, Y., Xu, L. & Zhang, S. (2007). Secure and efficient trust negotiation. Y. Cheung, H. Liu & Y. Wang In International Conference on Computational Intelligence and Security, 3-6 Nov 2006, China. Lecture Notes in Artificial Intelligence, 4456 (2007), 374-384.

Scopus Eid


  • 2-s2.0-38349027410

Ro Metadata Url


  • http://ro.uow.edu.au/infopapers/1391

Number Of Pages


  • 10

Start Page


  • 374

End Page


  • 384

Volume


  • 4456

Issue


  • 2007

Place Of Publication


  • Germany

Abstract


  • The notion of Hidden Credentials can be applied to protection

    of sensitive credentials, resources and policies in Trust Negotiation.

    It allows the server to encrypt a resource so that only the client with the

    correct credentials can decrypt it. The existing scheme of hidden credentials

    requires that the server grant access to the encrypted resource

    directly to the client during the negotiation without knowing whether

    or not the client can decrypt it. It would be a burden if the resources

    were very large. We found that when the server grants access to services

    rather than resources, the existing hidden credentials schemes are

    insecure under our policy attacks, since the server can illegally learn the

    clients credentials from the attack. In this paper, we propose a scheme

    to stop the server from mounting a policy attack.

UOW Authors


  •   Guo, Fuchun
  •   Chen, Zhide (external author)
  •   Mu, Yi (external author)
  •   Xu, Li (external author)
  •   Zhang, Shengyuan (external author)

Publication Date


  • 2007

Citation


  • Guo, F., Chen, Z., Mu, Y., Xu, L. & Zhang, S. (2007). Secure and efficient trust negotiation. Y. Cheung, H. Liu & Y. Wang In International Conference on Computational Intelligence and Security, 3-6 Nov 2006, China. Lecture Notes in Artificial Intelligence, 4456 (2007), 374-384.

Scopus Eid


  • 2-s2.0-38349027410

Ro Metadata Url


  • http://ro.uow.edu.au/infopapers/1391

Number Of Pages


  • 10

Start Page


  • 374

End Page


  • 384

Volume


  • 4456

Issue


  • 2007

Place Of Publication


  • Germany