The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Kent Seamons - Brigham Young University

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

TrustBuilder: Automated Trust Negotiation in Open Systems

Feb 11, 2004

Abstract

The proliferation of Internet-enabled devices is ushering in an age of anytime, anywhere computing. The possibility of serious security breaches, as well as global market forces, is forcing organizations and individuals to develop the ability to rapidly form relationships and cooperate with one another to solve urgent problems. As disparate groups attempt to cooperate to conduct sensitive processes and detect and respond to security problems, their efforts to provide rapid and efficient response are hindered by traditional approaches to access control in decentralized systems, which are based on subject identity and are administered centrally. Automated trust negotiation is a new approach to establishing trust between strangers through the disclosure of digital credentials and the use of access control policies describing the properties of the parties allowed to access that resource.



TrustBuilder is a prototype system for negotiating trust across organizational boundaries. The goal of TrustBuilder is to address the systems challenges that will lead to ubiquitous, scalable trust negotiation technology that also protects the privacy of individuals and organizations. In this talk, I will provide an overview of some of the research challenges addressed thus far in the design and development of TrustBuilder. Examples include a protocol for trust negotiation that extends the TLS handshake protocol, content-triggered trust negotiation to allow a client to establish trust in a server before disclosing sensitive information, and a radical new approach to trust negotiation using hidden credentials.


About the Speaker

Kent Seamons is an Assistant Professor in the Computer Science Department at Brigham Young University where he directs the Internet Security Research Lab. Since 1997, his research focus has been trust negotiation, a new approach to access control in open systems. His research has been funded by NSF, DARPA, and Zone Labs, Inc.



Kent received his PhD in 1996 from the University of Illinois at Urbana-Champaign. He spent five years conducting research at the IBM Pittsburgh Lab (formerly Transarc Corporation) where he was a co-inventor of trust negotiation. He joined the faculty at BYU in 2000.



Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!