The Internet provides an environment where two parties, who are virtually strangers to each other, can make connections and do business together. Before any actual business starts, a certain level of trust should be established. Each party should make sure that the other one is qualified and can be trusted for the ongoing transaction. Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of digital credentials and the use of access control policies that specify what combinations of credentials a stranger must disclose in order to gain access to each local service or credential. In this paper, we give an overview of automated trust negotiation, including the architecture of automated trust negotiation, trust negotiation protocols and negotiation strategies. Then we briefly discuss various issues in automated trust negotiation, such as strategy interoperability, access control policy protection and privacy protection.
展开▼