Perfect Privacy-preserving Automated Trust Negotiation

抄録

Recently, Automated Trust Negotiation (ATN) has played an important role for two participants who want to automatically establish a trust relationship between each other in an open system so that they can receive some services or information. For example, when a person wants to buy a product from a website he will need to know that the website can be trusted or not. In this scheme, both parties (i.e., the person and the website, in this example) exchange their credentials and access control policies to each other automatically to ensure that the required policies of each party are met; following which the trust negotiation is established. Our proposed scheme allows both parties to learn whether or not, they agree to establish a trust relationship. After the scheme was performed, no policy was disclosed to each other. In this paper, we provide some building blocks used to construct our proposed scheme and describe the basic ideas for hiding access control policies and for implementing a conditional transfer. We also define the steps of how our protocol works with a numerical example. Moreover, we evaluate our scheme in terms of the computation cost by a mathematical analysis and the implementation using binary tree model of credentials and policies. Finally, we show that our scheme can be securely performed.