Speaker: Ting Yu , Stanford University
Trust Establishment and Access Control over the Internet
Abstract: As we are moving towards a globally internetworked infrastructure, an increasing amount of information and resources are available through the Internet in a variety of forms. In this context, how to provide flexible, scalable and efficient protection for sensitive information becomes a challenging research problem. In this talk, I will present solutions to this problem in two different scenarios.
In open systems like the Internet, many interactions happen between strangers, i.e., entities that have no pre-existing relationship and may not share a common security domain. In order for strangers to conduct sensitive interactions, a sufficient level of mutual trust must be established. Traditional identity-based approaches are usually not adequate. In this talk, I will present Trust Negotiation, which is a new approach to establishing trust between strangers through the disclosure of digital credentials and the use of access control policies. My talk will focus on how to guarantee the establishment of trust whenever possible when negotiation participants use different algorithms to determine what credentials and resources to disclose.
XML is widely regarded as a standard format for information export and exchange over the Internet. As companies transact business over the Internet, the sensitive nature of the information mandates that access must be provided selectively. Because of the hierarchical nature of XML, the access control specification can be very complex. Traditional access control schemes would be either time-inefficient or space-inefficient. I will present a solution to the access control problem for XML, based on the novel notion of a compressed accessibility map. By taking advantage of accessibility locality, this solution achieves both time- and space-efficiency.
Short Bio: Ting Yu received his BS in computer science from Peking University in 1997 and MS in computer science from the University of Minnesota in 1998. Currently, he is a Ph.D student in the Department of Computer Science at the University of Illinois at Urbana-Champaign, under the supervision of Professor Marianne Winslett. The title of his dissertation is "Dynamic Trust Establishment in Open Systems.” His research interests include security, trust management, databases and XML.
Host: Purush Iyer, Computer Science, NCSU