Policy Security Protecting for Negotiating Trust

The dynamic and cross-organizational aspects of Grid introduce challenging management and policy issues for controlling access to the resources. Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are protected by access control policies which may also be communicated to the other party. In this paper, we propose a policy security protecting solution as a mechanism to help prevent unauthorized information inferences during trust negotiation. Compared to the existing safety model, our policy security protecting solution focuses on the actual information gain during trust negotiation instead of the exchanged messages. Thus, it directly reflects the essence of safety in sensitive information protection. Based on the proposed solution, We show that policy security protecting solution achieve the same protection of sensitive information as existing solutions without imposing additional complications to the interaction between negotiation participants or restricting userspsila autonomy in defining their own policies.