In automated trust negotiation (ATN), two parties exchange digitally signed credentials that contain attribute information to establish trust and make access control decisions. Because the information in question is often sensitive, credentials are protected by access control policies. In traditional ATN, credentials are transmitted either in their entirety or not at all. This approach can at times fail unnecessarily, either because a cyclic dependency makes neither negotiator willing to reveal her credential before her opponent, because the opponent must be authorized for all attributes packaged together in a credential to receive any of them, or because it is necessary to fully disclose exact attribute values, rather than merely proving the satisfy some predicate (such as being over 21 years of age).
We develop a number of techniques for addressing the problem. We propose a new attribute credential scheme, called oblivious attribute certificates (OACerts), in which a credential holder can select which attributes to use and how to use them. In particular, a user can use attribute values stored in an OACert obliviously, i.e., the user obtains a service if and only if the attribute values satisfy the policy of the service provider, yet the service provider learns nothing about these attribute values. Furthermore, we develop a policy-hiding access control scheme that protects both sensitive attribute values and sensitive policies. That is, the service provider can decide whether the user's certified attribute values satisfy his policy, without the service provider learning any other information about the user's attribute values or the user learning the service provider's policy. We finally introduce a framework for ATN in which OACerts and other credential schemes can be combined, integrated, and used as needed. This framework includes a logic-based policy language and a trust negotiation protocol.
Jiangtao Li is a Ph.D. candidate in computer science at Purdue University. He received his B.S. degree from the University of Science and Technology of China and M.S. degree from Purdue University. His research interests are in the area of information security, in particular, access control, applied cryptography, and privacy.