Secure and efficient trust negotiation
The notion of Hidden Credentials can be applied to protectionof sensitive credentials, resources and policies in Trust Negotiation.It allows the server to encrypt a resource so that only the client with thecorrect credentials can decrypt it. The existing scheme of hidden credentialsrequires that the server grant access to the encrypted resourcedirectly to the client during the negotiation without knowing whetheror not the client can decrypt it. It would be a burden if the resourceswere very large. We found that when the server grants access to servicesrather than resources, the existing hidden credentials schemes areinsecure under our policy attacks, since the server can illegally learn theclients credentials from the attack. In this paper, we propose a schemeto stop the server from mounting a policy attack.