Trust-X: A Peer-to-Peer Framework for Trust Establishment
Elisa Bertino, et al.
Presented by: Carlos Caicedo
Introduction
Trust establishment via trust negotiation
  Exchange of digital credentials
Credential exchange has to be protected
  Policies for credential disclosure
Claim: Current approaches to trust negotiation don’t provide a comprehensive solution that takes into account all phases of the negotiation process
Trust Negotiation model
[Figure: trust negotiation between a client and a server, each holding a Policy Base and a Subject Profile. Message labels: Resource request, Policies, Credentials, Resource granted.]
Slide from: http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt
Trust-X
XML-based system
Designed for a peer-to-peer environment
  Both parties are equally responsible for negotiation management.
  Either party can act as a requester or a controller of a resource
X-TNL: XML-based language for specifying certificates and policies
Trust-X (2)
Certificates: they are of two types
  Credentials: state personal characteristics of their owner and are certified by a CA
  Declarations: collect personal information about their owner that does not need to be certified
Trust tickets (X-TNL)
  Used to speed up negotiations for a resource when access was granted in a previous negotiation
Support for policy pre-conditions
Negotiation conducted in phases
Trust-X (3)
[Figure panels: a) Credential, b) Declaration]
The basic Trust-X system
[Figure: Alice and Bob, each shown with the same components: Tree Manager, Mailbox Store, X Profile, Policy Database, Compliance Checker.]
Slide from: http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt
Message exchange in a Trust-X negotiation
[Figure: sequence diagram of the messages exchanged between Alice and Bob.]
Phases:
  INTRODUCTORY PHASE: preliminary information exchange
  POLICY EXCHANGE: bilateral disclosure of policies
  CREDENTIAL DISCLOSURE: actual credential disclosure
  RESOURCE DISCLOSURE
Message labels: Request, Service request, Prerequisite acknowledge, Disclosure policies (in both directions), Match disclosure policies, Credential and/or Declaration (in both directions), Service granted
Slide from: http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt
Disclosure Policies
“They state the conditions under which a resource can be released during a negotiation”
Prerequisites – associated with a policy, a set of alternative disclosure policies that must be satisfied before the disclosure of the policy they refer to.
Modeling negotiation: logic formalism
TERM: $P(C)$, where $P()$ is a credential type and $C$ is a set of conditions
Policy expressed as $R \leftarrow P_1(c), P_2(c)$
  $R$: resource which the policy refers to
  $P_1(c), P_2(c)$: requested certificates
Disclosure policies are expressed in terms of logical expressions which can specify either simple or composite conditions against certificates.
Slide from: http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt
Example
Consider a Rental Car service. The service is free for the employees of Corrier company. Moreover, the Company already knows Corrier employees and has a digital copy of their driving licenses. Thus, it only asks the employees for the company badge and a valid copy of the ID card, to double check the ownership of the badge. By contrast, rental service is available on payment for unknown requesters, who have to submit first a digital copy of their driving licence and then a valid credit card. These requirements can be formalized as follows:
Example (2)
Trust-X negotiation
Negotiation Tree
Used in the policy evaluation phase
Maintains the progress of a negotiation
Used to identify at least one possible trust sequence that can lead to success in a negotiation (a view)
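An added example, not taken from the slides or the Trust-X paper: a simplified depth-first search for a trust sequence over both parties' disclosure policies, applied to the rental car scenario from the earlier example slide. The certificate names, the client-side policies and `Agency_Certificate` are constructed for illustration, and conditions on certificate attributes are omitted.

```python
# Added illustration: names and policies are constructed, not taken from the Trust-X paper.
# A policy base maps a resource to alternative policies; each alternative lists the
# certificates the other party must disclose first. [[]] means freely deliverable;
# a resource with no entry is never disclosed.
SERVER = {
    "Rental_Car": [["Corrier_Badge", "Id_Card"],         # Corrier employees
                   ["Driving_Licence", "Credit_Card"]],  # unknown requesters
    "Agency_Certificate": [[]],
}
EMPLOYEE = {"Corrier_Badge": [[]], "Id_Card": [[]]}
STRANGER = {"Driving_Licence": [[]],
            "Credit_Card": [["Agency_Certificate"]]}     # the client protects its card too


def trust_sequence(resource, owner, policies, pending=frozenset()):
    """Return an ordered list of (discloser, item) ending with resource, or None."""
    if (owner, resource) in pending:       # circular dependency: this branch cannot succeed
        return None
    other = "client" if owner == "server" else "server"
    for alternative in policies[owner].get(resource, []):
        seq = []
        for cert in alternative:
            sub = trust_sequence(cert, other, policies, pending | {(owner, resource)})
            if sub is None:
                break                      # one unmet term fails the whole alternative
            seq += [step for step in sub if step not in seq]
        else:
            return seq + [(owner, resource)]   # every term of this alternative is met
    return None


def negotiate(client, server=SERVER, resource="Rental_Car"):
    """Search for a trust sequence that ends with the server releasing the resource."""
    return trust_sequence(resource, "server", {"client": client, "server": server})


if __name__ == "__main__":
    for name, client in (("employee", EMPLOYEE), ("stranger", STRANGER)):
        print(name, negotiate(client))
    # The server now demands the credit card before showing its certificate: deadlock.
    locked = dict(SERVER, Agency_Certificate=[["Credit_Card"]])
    print("deadlock", negotiate(STRANGER, locked))
```

A `None` result means no alternative can be satisfied, either because a required certificate has no policy on the other side or because the two parties' policies depend on each other in a cycle.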
Negotiation Tree (2)
Comparison of Trust Negotiation Systems