The notion of Hidden Credentials can be applied to protection of sensitive credentials, resources and policies in Trust Negotiation. It allows the server to encrypt a resource so that only the client with the correct credentials can decrypt it. The existing scheme of hidden credentials requires that the server grant access to the encrypted resource directly to the client during the negotiation without knowing whether or not the client can decrypt it. It would be a burden if the resources were very large. We found that when the server grants access to services rather than resources, the existing hidden credentials schemes are insecure under our policy attacks, since the server can illegally learn the client's credentials from the attack. In this paper, we propose a scheme to stop the server from mounting a policy attack. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Guo, F., Chen, Z., Mu, Y., Xu, L., & Zhang, S. (2007). Secure and efficient trust negotiation. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4456 LNAI, pp. 374–384). https://doi.org/10.1007/978-3-540-74377-4_40
Mendeley helps you to discover research relevant for your work.