Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Private information: to reveal or not to reveal
Yao D., Frikken K., Atallah M., Tamassia R. ACM Transactions on Information and System Security12 (1):1-27,2008.Type:Article
Date Reviewed: Mar 31 2009

In this paper, readers will find protocols for computing the degrees of reluctance for software systems to reveal credentials that will allow users to gain access to resources. The authors’ insights include: a point-based trust (PBT) model for dynamically providing services rooted in access methods and credentials that limit the loss of privacy; a protocol for joint computation of the optimum total privacy scores of at-large credentials by a server and a client, without divulging the secret, sensitive parameters of both parties; and a fingerprint algorithm to enable the client to independently recover and validate the integrity of the computed optimal knapsack solution.

This is a comprehensive analysis of the issues of trust negotiation, management, and computation. Yao et al. show how to select a combination of credentials suited to the particular privacy scores for each credential. They discuss access control policies as a knapsack optimization problem, and offer a novel dynamic programming solution. The protocols advocated for realizing quantitative policies in trust management use semantically secure homomorphic encryption schemes widely, to provide protection against partly candid foes. The paper offers perceptive access control and PBT management ideas. Their two-party PBT framework ushers in new opportunities for the development of efficient solutions for multi-knapsack problems.

The design and implementation of quantifiable policies and protocols for trust management of access to resources in grid computing and the Internet entail answering nontrivial questions. Despite the recently promoted model for associating platform trust with behavioral policy [1], and the access and privacy policies for granting access to resources [2], many issues remain unresolved. For example, how should optimal values of arbitrarily rated credentials be computed and validated, so that they can be used to grant access to resources among entities in open ad hoc networks and e-commerce systems? How should satisfactory point-based trust be implemented in protocols designed for open systems in which providers and users have different and conflicting interests? This paper provides clear perceptions of these questions and more. If you are interested in privacy, and you should be, this is an insightful paper for your reading list.
Reviewer:  Amos Olagunju Review #: CR136647 (0911-1054)
1) Alam, M.; Zhang, X.; Nauman, M.; Ali, T.; Seifert, J.-P. Model-based behavioral attestation. In Proc. of the 13th ACM Symposium on Access Control Models and Technologies (Estes Park, CO, ), ACM, 2008, 175–184.
2) Ni, Q.; Bertino, E.; Lobo, J. An obligation model bridging access control policies and privacy policies. In Proc. of the 13th ACM Symposium on Access Control Models and Technologies (Estes Park, CO, ), ACM, 2008, 133–142.
Bookmark and Share
  Reviewer Selected
Featured Reviewer 		 
 
Access Controls (D.4.6 ... )
 
 
Authentication (K.6.5 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Access Controls": Date
Access control lists in capability environments
Lopriore L. Technology and Science of Informatics 3(3): 163-174, 1984. Type: Article		 Mar 1 1985
Some variants of the take-grant protection model
Biskup J. (ed) Information Processing Letters 19(3): 151-156, 1984. Type: Article		 Jun 1 1985
On access checking in capability-based systems
Kain R., Landwehr C. (ed) IEEE Transactions on Software Engineering SE-13(2): 202-207, 1987. Type: Article		 Dec 1 1987
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy