Trust negotiation

From Wikipedia, the free encyclopedia

Trust Negotiation is an approach to gradually establishing trust between strangers online through the iterative exchange of digital credentials. In contrast to a closed system, where the interacting entities have a preexisting relationship (often proved by typing a username and password), trust negotiation is an open system, and complete strangers can build trust in one another. This is done by disclosing digital credentials.

Digital credentials are the computer analog to paper credentials, such as a driver's license, credit card, or student ID. Rather than proving the credential owner's identity, digital credentials assert that their owner possesses certain attributes. A student might receive a credential from his or her university that certifies that they are a student at that university. The student could then use that credential, for example, to prove they are a student in order to qualify for a student discount at an online bookstore. Credentials are digitally signed in order to allow third parties to verify them.

Researchers at Brigham Young University built a software prototype of trust negotiation called TrustBuilder. TrustBuilder uses X.509 certificates as its credentials and runs on top of several common Internet protocols, including HTTP, TLS, and SSH. Researchers from the University of Illinois at Urbana-Champaign are working on the next-generation version of TrustBuilder, titled TrustBuilder2.

[edit] External links

  • Internet Security Research Lab A research lab that has done research on many areas of trust negotiation.
  • PeerTrust: Automated Trust Negotiation for Peers on the Semantic Web In the PeerTrust project we are developing and investigating policy languages to describe trust and security requirements on the Semantic Web. Such policies will be one component of a run-time system that can negotiate to establish trust on the Semantic Web. The PeerTrust system uses guarded distributed logic programs as the basis for a simple yet expressive policy and trust negotiation language, built upon the rule layer of the Semantic Web layer cake.
This computer network-related article is a stub. You can help Wikipedia by expanding it.