A New Approach to Hide Policy for Automated Trust Negotiation

Abstract

Automated trust negotiation (ATN) is an important approach to establish trust between strangers through the exchange of credentials and access control policies. In practice, access control policy may contain sensitive information. The negotiation process becomes complicated when the access control policy is designed complex in order to avoid information leakage. Furthermore, if the access control policy has conflicts or cycles, normal negotiation strategies often fail. In this paper, a new approach to hide access control policy is proposed based on the study on the existing problems. In the approach, the policy consistency is checked so as to detect policy conflicts. 0-1 table is used to implement it as well as discover minimal credential-set. Meanwhile, a practical example shows that the approach is suitable and can effectively protect sensitive information in access control policy.