In open systems like the Internet, strangers can establish trust in each
other by learning about each other's attributes, described in digital
credentials that are disclosed during trust negotiation to gradually build
up enough trust to complete a sensitive interaction.
The Internet Security Research Lab (ISRL) conducts research in areas related to establishing trust between strangers on the Internet. Web clients and servers frequently begin an interaction as complete strangers whenever the client is not part of the server's security domain. Identity-based security approaches fall short in such an environment. In order to readily conduct sensitive business transactions, the client and server must build trust gradually on-line according to attributes other than identity, such as citizenship, age, employment status, memberships, licenses, certifications, etc. Trust negotiation is the process of a client and a server exchanging digital credentials and policies with one another to gradually build trust. Credentials serve as digital "letters of introduction".
|
|
|
|
|
 |
 |
 |