Automated trust negotiation

摘要

Distributed software subjects face the problem of determining one another's trustworthiness. The problem considered herein is managing the exchange of credentials between strangers for the purpose of property-based authentication and authorization when credentials, authenticating properties of the subject, are sensitive. An architecture for trust negotiation between client and server is presented. The notion of a trust negotiation strategy is introduced with respect to an abstract model of trust negotiation. Two strategies with very different properties are defined and analyzed. A language of credential expressions is described, with two example negotiations illustrating the two negotiation strategies ongoing work on policies governing credential disclosure and trust negotiation is disclosed.