Achieving privacy in trust negotiations with an ontology-based approach

Anna C. Squicciarini, Elisa Bertino, Elena Ferrari, Indrakshi Ray

Research output: Contribution to journal › Article › peer-review

55 Scopus citations


The increasing use of the Internet in a variety of distributed multiparty interactions and transactions with strong real-time requirements has pushed the search for solutions to the problem of attribute-based digital interactions. A promising solution today is represented by automated trust negotiation systems. Trust negotiation systems allow subjects in different security domains to securely exchange protected resources and services. These trust negotiation systems, however, by their nature, may represent a threat to privacy in that credentials, exchanged during negotiations, often contain sensitive personal information that may need to be selectively released. In this paper, we address the problem of preserving privacy in trust negotiations. We introduce the notion of privacy-preserving disclosure, that is, a set that does not include attributes or credentials, or combinations of these, that may compromise privacy. To obtain privacy-preserving disclosure sets, we propose two techniques based on the notions of substitution and generalization. We argue that formulating the trust negotiation requirements in terms of disclosure policies is often restrictive. To solve this problem, we show how trust negotiation requirements can be expressed as property-based policies that list the properties needed to obtain a given resource. To better address this issue, we introduce the notion of reference ontology, and formalize the notion of trust requirement. Additionally, we develop an approach to derive disclosure policies from trust requirements and formally state some semantic relationships (i.e., equivalence, stronger than) that may hold between policies. These relationships can be used by a credential requestor to reason about which disclosure policies he/she should use in a trust negotiation.

Original language: English (US)
Pages (from-to): 13-30
Number of pages: 18
Journal: IEEE Transactions on Dependable and Secure Computing
Issue number: 1
State: Published - 2006

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • Electrical and Electronic Engineering

