automatic trust negotiation presented by: scott hackman 1scott hackman – cs5204 – operating...

Automatic Trust Negotiation

Presented by: Scott Hackman

1Scott Hackman – CS5204 – Operating Systems


Reference

Trust-X: A Peer-to-Peer Framework for Trust Establishment

Elisa Bertino, Elena Ferrari, Anna Cinzia Squicciarini

Scott Hackman – CS5204 – Operating Systems 2


What Is Trust Negotiation?

Would you give your credit card number to a website if you didn’t know who was running it?

No! The Internet is a hostile environment where identities aren’t always known. Sensitive information transfer can be dangerous under these conditions.

This paper establishes a framework to allow two parties, who may have never interacted before, to exchange information in a bilateral and incremental way to gain each other’s trust prior to divulging sensitive information.

We perform the same fundamental algorithm every day when we interact with people.



About The Paper

Trust-X: A Peer-to-Peer Framework for Trust Establishment is designed to compile work already done in this field, along with some added novel concepts by the authors, to create an implementable architecture for Trust Establishment.



ATN is NOT Encryption

Trust Negotiation is designed to work with public key encryption: Even though you may possess an x-bit key that can’t be cracked, there is no guarantee that the person, or computer, that you are interacting with is who they say they are.

Public key encryption should be used to pass data between two entities to ensure confidential data transfer; ATN verifies identity and qualification, not data security.



XML Syntax Example



Trust-X Basics


Generally, interactions between two entities:Controllers (CN)Requesters (RQ)

Information that is passed:Credentials – More sensitive informationDeclarations – Less sensitive – Ex: user preferences.

Negotiation Phase:Two parties perform a back-and-forth negotiation until both parties agree on a chain of events that will get them to their goal state (DELIV). It is important to remember, that no actual data is passed during this phase (they agree when to pass credit card data in their chain, but that actual data isn’t passed yet)


Trust-X Basics


Policies:The “rules” that each entity establishes for its own protection. For example, “I won’t give an employee a rental car until I know they have a valid ID and company badge.”


Architecture for Trust-X Negotiation



Policy Example


- Employees can rent with a company badge and ID card.- Non-employees can rent with drivers license and credit card.


Policies – Big Picture


How to buildTrust.


Negotiation Process


Taken from Prof. Kafura’s PowerPoint which was modified from http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt


Well-formed chain


How do we know a set of policies will let us achieve our goal? (Decided during negotiation)


Negotiation Tree

A tree that traverses valid policies between the Controller and Requester until an agreement is met that goes from initial communication to DELIV state (or Fail state if none exist).



Negotiation Tree Basics



Negotiation Tree Example



Questions?


automatic trust negotiation presented by: scott hackman 1scott hackman – cs5204 – operating...

Documents

credit card data

data security

peer framework

negotiation phase

id card

actual data isnt

encryptiontrust negotiation

backandforth negotiation