{"title":"基于隐藏凭证的遗忘自动信任协商模型","authors":"Zhensong Liao, Hai Jin, Deqing Zou","doi":"10.1109/ICEBE.2007.59","DOIUrl":null,"url":null,"abstract":"Automated trust negotiation (ATN) is an important means to establish trust between strangers through the exchange of digital credentials and access control policies specifying what credentials a stranger must submit in the open and distributed environment. While ATN brings convenience, there are still two issues unsolved successfully: 1) to protect the transmitting message; 2) to prevent the sensitive information leakage. Hidden credential can provide high security level to protect sensitive resources, policies and credentials from being attacked. Zero-knowledge is an important means to avoid leakage and can be used to protect the user's private context and sensitive information from unauthorized inferences. If hidden credentials and zero-knowledge are well-combined and redesigned, they can jointly make ATN better. Based on these, a hidden credential based oblivious automated trust negotiation model (HBOA) is proposed in this paper. In the model, the negotiation information is carried by hidden credentials, which have the same secure level with elliptic curve. Zero-knowledge protocol is provided by Pedersen commitment scheme, which ensures that no sensitive information can be attained by authorized users. A practical example is given to prove its usability.","PeriodicalId":184487,"journal":{"name":"IEEE International Conference on e-Business Engineering (ICEBE'07)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":"{\"title\":\"A Hidden Credential Based Oblivious Automated Trust Negotiation Model\",\"authors\":\"Zhensong Liao, Hai Jin, Deqing Zou\",\"doi\":\"10.1109/ICEBE.2007.59\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Automated trust negotiation (ATN) is an important means to establish trust between strangers through the exchange of digital credentials and access control policies specifying what credentials a stranger must submit in the open and distributed environment. While ATN brings convenience, there are still two issues unsolved successfully: 1) to protect the transmitting message; 2) to prevent the sensitive information leakage. Hidden credential can provide high security level to protect sensitive resources, policies and credentials from being attacked. Zero-knowledge is an important means to avoid leakage and can be used to protect the user's private context and sensitive information from unauthorized inferences. If hidden credentials and zero-knowledge are well-combined and redesigned, they can jointly make ATN better. Based on these, a hidden credential based oblivious automated trust negotiation model (HBOA) is proposed in this paper. In the model, the negotiation information is carried by hidden credentials, which have the same secure level with elliptic curve. Zero-knowledge protocol is provided by Pedersen commitment scheme, which ensures that no sensitive information can be attained by authorized users. A practical example is given to prove its usability.\",\"PeriodicalId\":184487,\"journal\":{\"name\":\"IEEE International Conference on e-Business Engineering (ICEBE'07)\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-10-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"24\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE International Conference on e-Business Engineering (ICEBE'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICEBE.2007.59\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE International Conference on e-Business Engineering (ICEBE'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICEBE.2007.59","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Hidden Credential Based Oblivious Automated Trust Negotiation Model
Automated trust negotiation (ATN) is an important means to establish trust between strangers through the exchange of digital credentials and access control policies specifying what credentials a stranger must submit in the open and distributed environment. While ATN brings convenience, there are still two issues unsolved successfully: 1) to protect the transmitting message; 2) to prevent the sensitive information leakage. Hidden credential can provide high security level to protect sensitive resources, policies and credentials from being attacked. Zero-knowledge is an important means to avoid leakage and can be used to protect the user's private context and sensitive information from unauthorized inferences. If hidden credentials and zero-knowledge are well-combined and redesigned, they can jointly make ATN better. Based on these, a hidden credential based oblivious automated trust negotiation model (HBOA) is proposed in this paper. In the model, the negotiation information is carried by hidden credentials, which have the same secure level with elliptic curve. Zero-knowledge protocol is provided by Pedersen commitment scheme, which ensures that no sensitive information can be attained by authorized users. A practical example is given to prove its usability.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
