Traust and PeerTrust2: Applying Trust Negotiation to Real Systems

Apr 20, 2005

Download: MP4 Video Size: 156.4MB  
Watch on YouTube

Abstract

Automated trust negotiation is an approach to authorization for open systems, i.e., systems where resources are shared across organizational boundaries. Automated trust negotiation enables open computing by assigning an access control policy to each resource that is to be made accessible to "outsiders"; an attempt to access the resource triggers a trust negotiation, consisting of the iterative, bilateral disclosure of digital credentials and related information. In our recent work in applying the TrustBuilder system for trust negotiation to real-world systems, we have encountered the need to make trust negotiation facilities available to legacy peers, which has led to the development of the Traust system. We have also encountered the need to include helpful third parties in the negotiation process, such as credential wallets, remote authorization servers, and brokers. PeerTrust2 is our effort to design a language that allows us to reason about trust negotiations involving helpful third parties, while supporting exposure control, delegation, proof hints, declarations of purpose, sensitive policies, and other potentially useful aspects of access control. In this talk, I will demonstrate Traust and describe its internal design, and then describe PeerTrust2.