A Generalized Honest-But-Curious Trust Negotiation Strategy for Harvesting Credentials
Olson, Lars E.; Rosulek, Michael J.; Winslett, Marianne
Permalink
https://hdl.handle.net/2142/11381
Description
- Title
- A Generalized Honest-But-Curious Trust Negotiation Strategy for Harvesting Credentials
- Author(s)
- Olson, Lars E.
- Rosulek, Michael J.
- Winslett, Marianne
- Issue Date
- 2007-08
- Keyword(s)
- computer security
- Abstract
- Need-to-know is a fundamental security concept: a party should not learn information that is irrelevant to its mission. In this paper we show that during a trust negotiation in which parties show their credentials to one another, an adversary Alice can systematically harvest information about all of a victim Bob's credentials that Alice is entitled to see, regardless of their relevance to a negotiation. We prove that it is not possible to enforce need-to-know conditions with the trust negotiation model and protocol developed by Yu, Winslett, and Seamons. We also present examples of similar need-to-know attacks with the trust negotiation approaches proposed by Bonatti and Samarati, and by Winsborough and Li. Finally, we propose possible countermeasures against need-to-know attacks, and discuss their advantages and disadvantages.
- Type of Resource
- text
- Permalink
- http://hdl.handle.net/2142/11381
- Copyright and License Information
- You are granted permission for the non-commercial reproduction, distribution, display, and performance of this technical report in any format, BUT this permission is only for a period of 45 (forty-five) days from the most recent time that you verified that this technical report is still available from the University of Illinois at Urbana-Champaign Computer Science Department under terms that include this permission. All other rights are reserved by the author(s).