Trust negotiation in a client/server data processing network using automatic incremenmtal credential disclosure
作者: William Hale Winsborough , Kent Eldon Seamons
DOI:
关键词:
摘要: In client/server computing, especially in the field of e-commerce, digitally signed credentials are passed between client and server to develop trust parties. However, this requires that one party discloses its (which could be considered sensitive) other before disclosing knows anything about receiving (someone has go first). To solve problem, invention implements a negotiation credential disclosure called automatic incremental disclosure. Each held at local site is associated with an access policy which based on opposing credentials. Incoming requests for logically combined policies derive further responses.
lens.org 参考文章(15)
Yasuo Iijima, Mutual authentication system ,(1991)
William R. Soley, Alfred A. Alegre, Rong Q. Sha, Apparatus and method for providing trusted network security ,(1998)
Raymond F Bird, Inder S Gopal, Philippe A Janson, Shay Kutten, Refik A Molva, Marcel M Yung, Authentication protocols in communication networks ,(1992)
Butler Lampson, Andrew Birrell, Martin Abadi, Edward Wobber, Access control subsystem and method for distributed computer system using locally cached authentication credentials ,(1992)
Randall S. Ho, Richard D. Latham, Srikanth S. Meenakshi, Concurrent server and method of operation having client-server affinity using exchanged client and server keys ,(1998)
Larry K. Loucks, Todd A. Smith, Flexible interface to authentication services in a distributed data processing environment ,(1994)
Todd A. Smith, Donavon W. Johnson, Remote authentication and authorization in a distributed data processing system ,(1989)
Michael Jonathan Beller, Yacov Yacobi, Two-way public key authentication and key agreement for low-cost terminals ,(1994)
Masayuki Takada, Yoshihito Ishibashi, Susumu Kusakabe, System and method for authentication, and device and method for authentication ,(1998)
Paul N Alito, Guy L Fielder, Bilateral authentication and information encryption token system and method ,(1998)