Traust and PeerTrust2: Applying Trust Negotiation to Real Systems

Page Content

Marianne Winslett - University of Illinois at Urbana-Champaign

Apr 20, 2005

Size:

Download: MP4 Video   Watch in your Browser (Flash Required)   RealVideo

Abstract

Automated trust negotiation is an approach to authorization for open systems, i.e., systems where resources are shared across organizational boundaries. Automated trust negotiation enables open computing by assigning an access control policy to each resource that is to be made accessible to "outsiders"; an attempt to access the resource triggers a trust negotiation, consisting of the iterative, bilateral disclosure of digital credentials and related information. In our recent work in applying the TrustBuilder system for trust negotiation to real-world systems, we have encountered the need to make trust negotiation facilities available to legacy peers, which has led to the development of the Traust system. We have also encountered the need to include helpful third parties in the negotiation process, such as credential wallets, remote authorization servers, and brokers. PeerTrust2 is our effort to design a language that allows us to reason about trust negotiations involving helpful third parties, while supporting exposure control, delegation, proof hints, declarations of purpose, sensitive policies, and other potentially useful aspects of access control. In this talk, I will demonstrate Traust and describe its internal design, and then describe PeerTrust2.

About the Speaker

Marianne Winslett has been a professor at the University of Illinois at Urbana-Champaign since 1987. Her current research interests include security in open systems and data management for high-performance parallel scientific applications. She was an editor for ACM Transactions on Database Systems from 1994 to 2004, and has been the vice-chair of ACM SIGMOD
since 2000. She received an NSF Presidential Young Investigator Award in 1989.

Footer

Intranet Site