Extensible Pre-Authentication in Kerberos (EPAK)

November 28th, 2007

Extensible Pre-Authentication in Kerberos (EPAK) is a Kerberos extension that enables many authentication methods to be loosely coupled with Kerberos, without further modification to Kerberos.

EPAK will be presented at the 23rd Annual Computer Security Applications Conference (ACSAC).

Research Positions Available

August 15th, 2006

We’re looking for undergraduate and new graduate students interested in computer security research.

Weekly Lab Meeting

March 30th, 2006

Dan Walker will be giving a presentation today on his thesis topic.

Abstract

People today are concerned with how information about them is collected, stored and used. This thesis proposes a protocol that allows users to negotiate privacy policies with Internet sites that want to collect data about them. The Or Best Offer Negotiation protocol improves on existing protocols in that it is guaranteed to reach an end state within a fixed number of negotiation rounds. It uses a graph-based model to allow the specification of fine-grained but flexible privacy preferences for users. Also, the protocol is fair to both participants in the negotiation.

Cameron Morris Thesis Defense

March 3rd, 2006

Cameron Morris will defend his thesis on Thursday, March 9 at 8:30 AM in the CS Conference Room.

All are invited to attend!

Title: Browser Based Trust Negotiation

Abstract:
Trust negotiation allows two parties on the Internet to establish trust in each other according to the digital credentials that each possesses. Traditionally, trust negotiation uses certificates as digital credentials. However, certificates make trust negotiation difficult to use since people rarely have certificates available to them, and they must physically possess and secure all needed certificates in order to negotiate.

To avoid these problems, this thesis proposes that credential authorities negotiate on behalf of the user. This thesis defines Browser-Based Trust Negotiation (BBTN) as a method for negotiating with credential authorities using the Secure Assertion Markup Language (SAML).