Traust and PeerTrust2: Applying Trust Negotiation to Real Systems
Marianne Winslett - University of Illinois at Urbana-Champaign
Apr 20, 2005
Download: MP4 Video
Watch in your Browser
Automated trust negotiation is an approach to authorization for open systems, i.e., systems where resources are shared across organizational boundaries. Automated trust negotiation enables open computing by assigning an access control policy to each resource that is to be made accessible to "outsiders"; an attempt to access the resource triggers a trust negotiation, consisting of the iterative, bilateral disclosure of digital credentials and related information. In our recent work in applying the TrustBuilder system for trust negotiation to real-world systems, we have encountered the need to make trust negotiation facilities available to legacy peers, which has led to the development of the Traust system. We have also encountered the need to include helpful third parties in the negotiation process, such as credential wallets, remote authorization servers, and brokers. PeerTrust2 is our effort to design a language that allows us to reason about trust negotiations involving helpful third parties, while supporting exposure control, delegation, proof hints, declarations of purpose, sensitive policies, and other potentially useful aspects of access control. In this talk, I will demonstrate Traust and describe its internal design, and then describe PeerTrust2.
About the Speaker
Marianne Winslett has been a professor at the University of Illinois at Urbana-Champaign since 1987. Her current research interests include security in open systems and data management for high-performance parallel scientific applications. She was an editor for ACM Transactions on Database Systems from 1994 to 2004, and has been the vice-chair of ACM SIGMOD
since 2000. She received an NSF Presidential Young Investigator Award in 1989.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52, West Lafayette Campus. More information...
© 1999-2013 Purdue University. All rights reserved.
CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.