Abstract
Accessing information over the Internet has become an essential requirement in modern economy, and unknown parties can come together on the Net and interact for the purpose of acquiring or offering services. The open and dynamic nature of such a scenario requires new protocols allowing parties to communicate and enforce security specifications related to access control conditions to be fulfilled. In this paper we discuss several issues to be investigated in the development of these flexible interaction protocols.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Altenschmidt, C., Biskup, J., Flegel, U., Karabulut, Y.: Secure Mediation: Requirements and Design. In: Proc. of the 12th IFIP WG11.3 Working Conference on Database and Application Security, Chalkidiki, Greece (July 1998)
Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The Role of Trust Management in Distributed Systems Security. In: Secure Internet Programming: Issues in Distributed and Mobile Object Systems. LNCS State-of-the-Art series. Springer, Heidelberg (1998)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. of 1996 IEEE Symposium on Security and Privacy, Oakland, CA, May 1996, pp. 164–173 (1996)
Biskup, J., Karabulut, Y.: A Hybrid PKI Model with an Application for Secure Mediation. In: Proc. of the 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, July 2002, King’s College, Cambridge (2002)
Bonatti, P., Samarati, P.: A Unified Framework for Regulating Access and Information Release on the Web. Journal of Computer Security (2002) (to appear)
Chu, Y.-H.: Joan Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss. REFEREE: trust management for Web applications. World Wide Web Journal 2(3), 706–734 (1997)
Chang, C.-C.K., Garcia-Molina, H.: Mind Your Vocabulary: Query Mapping Across Heterogeneous Information Sources. In: Proc. of the 1999 ACM-SIGMOD, pp. 335–346 (1999)
Housley, R., Ford, W., Polk, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and CRL Profile, 2459th edn. (January 1999), http://www.ietf.org/rfc/rfc2459.txt
Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible Support for Multiple Access Control Policies. ACM Transactions on Database Systems 26(2), 18–28 (2001)
Li, N., Winsborough, W.H., Mitchell, J.C.: Distributed Credential Chain Discovery in Trust Management. In: Proc. of the Eighth ACM Conference on Computer and Communications Security, Philadelphia, PA, USA (2001)
Seamons, K.E., Winsborough, W., Winslett, M.: Internet Credential Acceptance Policies. In: Proceedings of the Workshop on Logic Programming for Internet Applications, Leuven, Belgium (July 1997)
Winslett, M., Ching, N., Jones, V., Slepchin, I.: Assuring Security and Privacy for Digital Library Transactions on the Web: Client and Server Security Policies. In: Proceedings of ADL 1997 — Forum on Research and Tech. Advances in Digital Libraries, Washington, DC (May 1997)
Winslett, M., Ching, N., Jones, V., Slepchin, I.: Using Digital Credentials on the World-Wide Web. In: Journal of Computer Security (1997)
Winsborough, W., Seamons, K.E., Jones, V.: Automated Trust Negotiation. In: Proc. of the DARPA Information Survivability Conf. & Exposition, Hilton Head Island, January 25-27. IEEE-CS, Los Alamitos (2000)
Yu, T., Ma, X., Winslett, M.: An Efficient Complete Strategy for Automated Trust Negotiation over the Internet. In: Proceedings of 7th ACM Computer and Communication Security, Athens, Greece (November 2000)
Yu, T., Winslett, M., Seamons, K.E.: Interoperable Strategies in Automated Trust Negotiation. In: Proc. of the Eighth ACM Conference on Computer and Communications Security, Philadelphia, PA, USA (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bonatti, P.A., De Capitani di Vimercati, S., Samarati, P. (2005). Towards Flexible Credential Negotiation Protocols. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_4
Download citation
DOI: https://doi.org/10.1007/11542322_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28389-8
Online ISBN: 978-3-540-31836-1
eBook Packages: Computer ScienceComputer Science (R0)