Privacy Preserving Trust Authorization Framework Using XACML
Related papers
A Privacy Trust and Policy Based Authorization Framework for Services in Distributed Environments
Distributed Environments are touching new heights, becoming more useful, popular and more complex with the emergence of service oriented architecture and computing technologies like peer-to-peer, autonomic, pervasive and grid etc. These technologies aim to enable large scale resource sharing. Security is a big and challenging issue in these environments as it involves the federation of multiple heterogeneous, geographically distributed autonomous administrative domains. The dynamic and multi-institutional nature of service oriented environments like grid and web introduces several challenging security issues that require new technical approaches. This paper proposes a privacy, trust and policy based authorization framework for grid and web services, but in fact it can be amended for any distributed, service oriented computing environment, as most of the elements defined in the framework are general and adaptable in other computing environments. The framework is intended to provide a simple, powerful, flexible and scalable authorization infrastructure for services exposed in a large scale distributed environment. The paper also discusses a prototype implementation of the proposed framework. For implementation, we are making use of web services security specifications supported by WSE 3.0. Sample implementation has shown that the architecture is capable of meeting the identified security requirements and the approach is workable.
Traust: a trust negotiation-based authorization service for open systems
2006
Open computing systems aim to enable effective resource and information sharing between authorized users in multiple security domains. Making access control decisions in these systems is a difficult task, as a potentially unbounded number of users and resources exist in an environment with few guarantees regarding established trust relationships. Current access control mechanisms fail to adequately meet the needs of these systems due to design assumptions that are incompatible with the trust model used in open systems.
A Flexible Architecture for Privacy-Aware Trust Management
Journal of theoretical and applied electronic commerce research, 2010
In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS³ TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.
Towards practical automated trust negotiation
Proceedings Third International Workshop on Policies for Distributed Systems and Networks
Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access control policies. Existing ATN work makes unrealistic simplifying assumptions about credential-representation languages and credential storage. Moreover, while existing work protects the transmission of credentials, it fails to hide the contents of credentials, thus providing uncontrolled access to potentially sensitive attributes. To protect information about sensitive attributes, we introduce the notion of attribute acknowledgment policies (Ack policies). We then introduce the trust target graph (TTG) protocol, which supports a more realistic credential language, Ack policies, and distributed storage of credentials.
PP-trust-X: A system for privacy preserving trust negotiations
2007
Trust negotiation is a promising approach for establishing trust in open systems, in which sensitive interactions may often occur between entities with no prior knowledge of each other. Although to date several trust negotiation systems have been proposed, none of them fully addresses the problem of privacy preservation.
Proposing a Secure XACML architecture ensuring privacy and trust
2005
The Extensible Access Control Markup Language (XACML) is a platform-independent, standard-based access control policy specification language. It defines rules on how authorization decisions from evaluating applicable access control policies are combined. However, it fails to incorporate built-in trust and privacy-enhancing mechanisms. There are some possible attacks that are identified in the specification that can potentially breach the security of a system using XACML.
Requirements for policy languages for trust negotiation
policy, 2002
In open systems like the Internet, traditional approaches to security based on identity do not provide a solution to the problem of establishing trust between strangers, because strangers do not share the same security domain. A new approach to establishing trust between strangers is trust negotiation, the bilateral exchange of digital credentials describing attributes of the negotiation participants. This approach relies on access control policies that govern access to protected resources by specifying credential combinations that must be submitted to obtain authorization. In this paper we describe a model for trust negotiation, focusing on the central role of policies. We delineate requirements for policy languages and runtime systems for trust negotiation, and evaluate four existing policy languages for trust management with respect to those requirements. We conclude with recommendations for extending existing policy languages or developing new policy languages to make them suitable for use in future trust negotiation systems.
The Traust Authorization Service
ACM Transactions on Information and System Security, 2008
In recent years, trust negotiation has been proposed as a novel authorization solution for use in open-system environments, in which resources are shared across organizational boundaries. Researchers have shown that trust negotiation is indeed a viable solution for these environments by developing a number of policy languages and strategies for trust negotiation that have desirable theoretical properties. Further, existing protocols, such as TLS, have been altered to interact with prototype trust negotiation systems, thereby illustrating the utility of trust negotiation. Unfortunately, modifying existing protocols is often a time-consuming and bureaucratic process that can hinder the adoption of this promising technology.
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security, 2009
In automated trust negotiation (ATN), two parties exchange digitally signed credentials that contain attribute information to establish trust and make access control decisions. Because the information in question is often sensitive, credentials are protected according to access control policies. In traditional ATN, credentials are transmitted either in their entirety or not at all. This approach can at times fail unnecessarily, either because a cyclic dependency makes neither negotiator willing to reveal her credential before her opponent, because the opponent must be authorized for all attributes packaged together in a credential to receive any of them, or because it is necessary to disclose the precise attribute values, rather than merely proving they satisfy some predicate (such as being over 21 years of age). Recently, several cryptographic credential schemes and associated protocols have been developed to address these and other problems. However, they can be used only as fragme...
Adaptive Trust Negotiation and Access Control
2005
Electronic transactions regularly occur between business partners in separate security domains. Trust negotiation is an approach that provides an open authentication and access-control environment for such transactions, but it is vulnerable to malicious attacks leading to denial of service or leakage of sensitive information. This paper introduces an Adaptive Trust Negotiation and Access Control (ATNAC) framework to solve these problems. The framework combines two existing systems, TrustBuilder and GAA-API, to create a system with more flexibility and responsiveness to attack than either system currently provides.