Automatic Trust Negotiation. Presented by: Scott Hackman – CS5204 – Operating Systems


1 Automatic Trust Negotiation. Presented by: Scott Hackman

2 Reference
Trust-X: A Peer-to-Peer Framework for Trust Establishment. Elisa Bertino, Elena Ferrari, Anna Cinzia Squicciarini.

3 What Is Trust Negotiation?
Would you give your credit card number to a website if you didn’t know who was running it? No! The Internet is a hostile environment where identities aren’t always known. Sensitive information transfer can be dangerous under these conditions. This paper establishes a framework to allow two parties, who may have never interacted before, to exchange information in a bilateral and incremental way to gain each other’s trust prior to divulging sensitive information. We perform the same fundamental algorithm every day when we interact with people.

4 About The Paper
Trust-X: A Peer-to-Peer Framework for Trust Establishment compiles work already done in this field, along with some novel concepts added by the authors, to create an implementable architecture for trust establishment.

5 ATN is NOT Encryption
Trust Negotiation is designed to work with public key encryption: even though you may possess an x-bit key that can’t be cracked, there is no guarantee that the person, or computer, that you are interacting with is who they say they are. Public key encryption should be used to pass data between two entities to ensure confidential data transfer; ATN verifies identity and qualification, not data security.

6 XML Syntax Example

7 Trust-X Basics
Generally, interactions are between two entities: Controllers (CN) and Requesters (RQ).
Information that is passed:
- Credentials: more sensitive information.
- Declarations: less sensitive, e.g. user preferences.
Negotiation Phase: The two parties negotiate back and forth until both agree on a chain of events that will get them to their goal state (DELIV). It is important to remember that no actual data is passed during this phase (they agree when in their chain to pass credit card data, but the actual data isn’t passed yet).

8 Trust-X Basics
Policies: The “rules” that each entity establishes for its own protection. For example, “I won’t give an employee a rental car until I know they have a valid ID and company badge.”

9 Architecture for Trust-X Negotiation

10 Policy Example
- Employees can rent with a company badge and ID card.
- Non-employees can rent with a driver's license and credit card.

11 Policies – Big Picture
How to build trust.

12 Negotiation Process
Taken from Prof. Kafura’s PowerPoint, which was modified from http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt

13 Well-formed chain
How do we know a set of policies will let us achieve our goal? (Decided during negotiation)

14 Negotiation Tree
A tree that traverses valid policies between the Controller and Requester until an agreement is reached that goes from the initial communication to the DELIV state (or the Fail state if no such agreement exists).

15 Negotiation Tree Basics

16 Negotiation Tree Example
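
An added sketch, not taken from the presentation or the Trust-X paper, of the negotiation phase and negotiation tree described on the slides above: a depth-first search over policy alternatives that returns the agreed disclosure order ending in DELIV of the resource, or fails on a missing credential or a policy cycle. The dict-based policy format, the `plan` function, the `AgencyLicense` credential and the requester's credit-card policy are assumptions made for illustration; only the rental policy comes from the Policy Example slide.

```python
# Added sketch: a simplified planner for the negotiation phase.
# The dict format is hypothetical; it is not X-TNL and not Trust-X's algorithm.
# policies[item] = list of alternatives; each alternative is the set of
# credentials the OTHER party must agree to disclose first.
# No entry means the item is unprotected; an empty list means never release.

CN = {"name": "CN", "owns": {"RentalCar", "AgencyLicense"},
      "policies": {"RentalCar": [{"CompanyBadge", "IDCard"},         # employees
                                 {"DriversLicense", "CreditCard"}]}}  # others
# Constructed requester: a non-employee who protects the credit card.
RQ = {"name": "RQ", "owns": {"DriversLicense", "CreditCard"},
      "policies": {"CreditCard": [{"AgencyLicense"}]}}


def plan(item, owner, other, pending=()):
    """Return the agreed disclosure order ending with `item`, or None (Fail).

    Only names are exchanged here; no credential content is disclosed.
    """
    step = (owner["name"], item)
    if item not in owner["owns"] or step in pending:
        return None                      # not possessed, or a policy cycle
    pending = pending + (step,)
    for alternative in owner["policies"].get(item, [set()]):
        chain = []
        for cred in sorted(alternative):
            sub = plan(cred, other, owner, pending)
            if sub is None:
                break                    # this branch of the tree fails
            chain += [s for s in sub if s not in chain]
        else:
            return chain + [step]        # every requirement can be met
    return None


if __name__ == "__main__":
    for who, what in plan("RentalCar", CN, RQ) or [("-", "FAIL")]:
        print(who, "discloses", what)
```

The `pending` tuple is what turns mutually dependent policies (each side waiting for the other's credential) into a Fail result instead of endless recursion.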

17 Questions?

