Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations Philipp Kärger , Daniel Olmedilla, Wolf-Tilo Balke L3S Research Center, Leibniz University Hannover, Germany 5 th Secure Data Management Workshop, Auckland, New Zealand, August 24, 2008
22
Embed
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations. Philipp Kärger , Daniel Olmedilla, Wolf-Tilo Balke L3S Research Center, Leibniz University Hannover, Germany 5 th Secure Data Management Workshop, Auckland, New Zealand, August 24, 2008. Outline. - PowerPoint PPT Presentation
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Exploiting Preferences for
Minimal Credential Disclosure
in
Policy-Driven Trust
NegotiationsPhilipp Kärger, Daniel Olmedilla, Wolf-Tilo Balke
L3S Research Center, Leibniz University Hannover, Germany
5th Secure Data Management Workshop, Auckland, New Zealand, August 24, 2008
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 2
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
Outline
1. Policy-driven Trust Negotiations what are they? what do they serve for? what may happen that we need Preferences?
2. Preferences in Trust Negotiations Modeling Disclosure Sets Modeling Preferences A Preference Model for comparing Disclosure Sets
3. Implementation and Experiments An Implementation guiding a Trust Negotiation Simulating Trust Negotiations
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 3
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
1. Trust Negotiation
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 4
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
Trust Negotiation: how to trust a stranger?
Alice on-line book shop
Disclose CreditCard IF Requestor has BBB certificate
Disclose Book IFRequestor discloses valid CredidCard
Disclose BBB certificate to any requestor
request for a book
“for the book I need a CreditCard”
“for the CreditCard I need a BBB cert.”
policy: policy:
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 7
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
The Need for Preferences
• What if a policy evaluation has more than one result?
Alice on-line book shopDisclose
CreditCard IF Requestor has BBB certificate
Disclose bank account information IF Requestor has BBB certificate
request for a book
“for the book I need a CreditCard or your bank account information”
Which Credential? CreditCard or bank account information?
exploit user preferences in the negotiation process to decide
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 8
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
It may become even more complex …
Alice on-line book shoprequest for a book
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 9
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
How to decide between the options?
• if the system is not aware of any user preferences it has to ask the user to decide.
• But the user may easily be overwhelmed by so
many options. may take a bad decision because of
lost overview. has to decide it again for all future negotiations. may not at all be available.
?
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 10
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
2. Preferences in Trust Negotiation
Philipp Kärger, L3S Research Center Auckland, New Zealand, August 24, 2008 11
Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations
Preference handling
• a preference is an order of values having a decreasing preference “I prefer English but German is also fine.” “I prefer to disclose my pay pal account information instead of
my credit card number. My bank account information is the last option.”