发明名称 |
Automated trust negotiation |
摘要 |
Distributed software subjects face the problem of determining one another's trustworthiness. The problem considered herein is managing the exchange of credentials between strangers for the purpose of property-based authentication and authorization when credentials, authenticating properties of the subject, are sensitive. An architecture for trust negotiation between client and server is presented. The notion of a trust negotiation strategy is introduced with respect to an abstract model of trust negotiation. Two strategies with very different properties are defined and analyzed. A language of credential expressions is described, with two example negotiations illustrating the two negotiation strategies ongoing work on policies governing credential disclosure and trust negotiation is disclosed.
|
申请公布号 |
US2002016777(A1) |
申请公布日期 |
2002.02.07 |
申请号 |
US20010800641 |
申请日期 |
2001.03.07 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
SEAMONS KENT E.;WINSBOROUGH WILLIAM H. |
分类号 |
G06F21/00;H04L29/06;(IPC1-7):G06F17/60 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|