Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations

  • Philipp Kärger
  • Daniel Olmedilla
  • Wolf-Tilo Balke
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5159)


Business processes in open distributed environments such as the Web force users to interact with other parties be it users or companies even if they have never had any common transaction in the past. Policy-driven trust negotiations emerged in order to address these situations. But although many policy languages and protocols have been defined, the problem of deciding which credential disclosure set to choose from those that possibly make a negotiation succeed is still subject of research. This paper explores the use of qualitative preferences in order to solve the problem and exploits the recently introduced notions of amalgamated and incremented preferences in order to allow for automated decisions which negotiations are preferred by the user. Our solution eases the task for the user of selection among all possible negotiations by removing irrelevant alternatives and it may even automatize negotiations that otherwise would require manual intervention.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Balke, W.-T., Güntzer, U., Lofi, C.: Incremental trade-off management for preference based queries. International Journal of Computer Science and Applications (IJCSA) 4(1) (2007)Google Scholar
  2. 2.
    Balke, W.-T., Zheng, J., Güntzer, U.: Efficient distributed skylining for web information systems. In: Bertino, E., Christodoulakis, S., Plexousakis, D., Christophides, V., Koubarakis, M., Böhm, K., Ferrari, E. (eds.) EDBT 2004. LNCS, vol. 2992. Springer, Heidelberg (2004)Google Scholar
  3. 3.
    Bentley, J., Kung, H., Schkolnick, M., Thompson, C.: On the average number of maxima in a set of vectors and applications. Journal of the ACM (JACM) 25(4) (1978)Google Scholar
  4. 4.
    Bertino, E., Ferrari, E., Squicciarini, A.C.: Trust-x: A peer-to-peer framework for trust establishment. IEEE Trans. Knowl. Data Eng. 16(7) (2004)Google Scholar
  5. 5.
    Bertino, E., Mileo, A., Provetti, A.: PDL with preferences. In: POLICY 2005. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  6. 6.
    Borzsonyi, S., Kossmann, D., Stocker, K.: The skyline operator. In: International Conference on Data Engineering, Heidelberg, Germany (2001)Google Scholar
  7. 7.
    Chen, W., Clarke, L., Kurose, J., Towsley, D.: Optimizing costsensitive trust-negotiation protocols. In: Annual Joint Conference of the IEEE Computer and Communications Societies (2005)Google Scholar
  8. 8.
    Chomicki, J.: Preference formulas in relational queries. ACM Trans. Database Syst. 28(4), 427–466 (2003)CrossRefGoogle Scholar
  9. 9.
    Fishburn, P.: Preference structures and their numerical representations. Theoretical Computer Science 217, 359–383 (1999)MATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Holland, S., Kießling, W.: Situated preferences and preference repositories for personalized database applications. In: Atzeni, P., Chu, W., Lu, H., Zhou, S., Ling, T.-W. (eds.) ER 2004. LNCS, vol. 3288, pp. 511–523. Springer, Heidelberg (2004)Google Scholar
  11. 11.
    Keeney, R., Raiffa, H.: Decisions with Multiple Objectives: Preferences and Value Tradeoffs. Wiley, Chichester (1976)Google Scholar
  12. 12.
    Kießling, W.: Foundations of preferences in database systems. In: International Conference on Very Large Data Bases, Hong Kong, China (2002)Google Scholar
  13. 13.
    Kung, H., Luccio, F., Preparata, F.: On finding the maxima of a set of vectors. Journal of the ACM (JACM) 22(4) (1975)Google Scholar
  14. 14.
    Lee, A.J., Winslett, M., Basney, J., Welch, V.: Traust: a trust negotiation-based authorization service for open systems. In: SACMAT, ACM Press, New York (2006)Google Scholar
  15. 15.
    Li, J., Li, N.: Oacerts: Oblivious attribute certificates. IEEE Trans. Dependable Sec. Comput. 3(4) (2006)Google Scholar
  16. 16.
    Li, N., Mitchell, J.C.: Rt: A role-based trust-management framework. In: DISCEX (April 2003)Google Scholar
  17. 17.
    Luo, X., Jennings, N.R., Shadbolt, N.: Knowledge-based acquisition of tradeoff preferences for negotiating agents. In: International Conference on Electronic Commerce. ACM Press, New York (2003)Google Scholar
  18. 18.
    McGeachie, M., Doyle, J.: Efficient utility functions for ceteris paribus preferences. In: Conference on Artificial Intelligence and Conference on Innovative Applications of Artificial Intelligence, Edmonton, Canada (2002)Google Scholar
  19. 19.
    Olson, L.E., Rosulek, M.J., Winslett, M.: Harvesting credentials in trust negotiation as an honest-but-curious adversary. In: Workshop on Privacy in electronic society. ACM Press, New York (2007)Google Scholar
  20. 20.
    Papadias, D., Tao, Y., Fu, G., Seeger, B.: An optimal and progressive algorithm for skyline queries. In: ACM SIGMOD, San Diego, CA, USA (2003)Google Scholar
  21. 21.
    Sweeney, L.: Guaranteeing anonymity when sharing medical data, the datafly system. Journal of the American Medical Informatics Association (1997)Google Scholar
  22. 22.
    Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition. IEEE Press, Los Alamitos (2000)Google Scholar
  23. 23.
    Yao, D., Frikken, K., Atallah, M., Tamassia, R.: Point-based trust: Define how much privacy is worth. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  24. 24.
    Yu, T., Winslett, M., Seamons, K.E.: Interoperable strategies in automated trust negotiation. In: CCS (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Philipp Kärger
    • 1
  • Daniel Olmedilla
    • 1
  • Wolf-Tilo Balke
    • 1
  1. 1.L3S Research Center and LeibnizUniversity of HannoverHannoverGermany

Personalised recommendations