Interactive access control allows a server to compute on the fly missing credentials needed to grant access and to adapt its responses on the basis of client's presented and declined credentials. Yet, it may disclose too much information on what credentials a client needs. Automated trust negotiation allows for a controlled disclosure on what credentials a client has during a mutual disclosure process. Yet, it requires pre-arranged policies and sophisticated strategies. How do we bootstrap from simple security policies a comprehensive interactive trust management and negotiation scheme that combines the best of both worlds without their limitations? This is the subject of the paper. © 2005 by International Federation for Information Processing.
CITATION STYLE
Koshutanski, H., & Massacci, F. (2005). An interactive trust management and negotiation scheme. In IFIP Advances in Information and Communication Technology (Vol. 173, pp. 115–128). Springer New York LLC. https://doi.org/10.1007/0-387-24098-5_9
Mendeley helps you to discover research relevant for your work.