State Transition Diagram for Negotiation

Personalized Policy-based Credential Negotiation in Federation

This research is on the emerging topic of Internet privacy-preserving technology. A salient question is who decides the release policy. Can privacy be preserved if the end-user is not in control of the policy under which their information is released? Should an individual have access to, and awareness of, how his or her own personal data is revealed? Perhaps a system which does not provide such a handle, or even such awareness, to the owner is not privacy preserving at all.

In this research we are aiming at novel community systems which can provide such a handle on privacy to their end-users.


The real and peer-to-peer world is made up of communities. Access to community resources is given based on the roles and credentials of members. Single Sign On (SSO) federated authentication and authorization infrastructure (AAI) systems such as Shibboleth allow two or more such communities or organizations to exchange personal information about their respective members, allowing seamless access to federated resources without requiring the individual members to painfully register (and divulge) non-essential personal information individually to each.

However, in an AAI the organization dictates the release policy.

Selected Publications

WIC: Javed I. Khan, Kailas Bobade and Manas Hardas, Personalized Negotiation Based on Individualization: Incorporating Personalization into Peer to Peer System, 5th IEEE International Conference on Information Technology: New Generations, ITNG 2008, Las Vegas, Nevada, USA, April 7-9, 2008 (accepted). [KhBH08]

WIC: Javed I. Khan, Kailas Bobade and Manas Hardas, Negotiation Based on Individualization: Incorporating Personalization into Federation, Proceedings of the 5th International Conference on Information and Communications Technology, 2007, IEEE Press, December 2007, Cairo, Egypt, pp. 309-314. [KhBH07]

WIC: Javed I. Khan, Kailash Bobade, and Manas Hardas, Intra-Federation Credential Negotiation based on Individualized Release Strategy, Proceedings of the IASTED International Conference on Communications, Internet, and Information Technology, CIIT 2007, Banff, Alberta, Canada, June, 2007, pp. 575-122. [KhBH07]

In this research we are exploring a second-generation AAI framework with privacy layers. It begins with individual members, who can specify and personalize their own credential and attribute release policies. The cooperating organizations act as additional privacy layer(s) on top.


Such fine-grained personalization is, however, algorithmically non-trivial. When both sides personalize, as opposed to communicating by simple request and reply, the personalization inherently necessitates a whole new mechanism of iterative negotiation. In this research we are investigating various algorithms for automated information negotiation.


We have proposed general negotiation and shown various algorithms for stateful and stateless negotiation, negotiation with minimum credential divulgence, and eager negotiation, under various privacy models such as federated, communal and libertarian privacy.
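To make the iteration concrete, here is an added example (not code from this project or its papers): a generic eager strategy in which each side, every round, releases every credential whose release policy is already satisfied by what the peer has shown. The credential names and policies are constructed for illustration.

```python
def eager_negotiate(user, org, goal, max_rounds=10):
    """user / org map a credential name to the set of peer credentials that
    must be received before it may be released (empty set = free to release).
    goal is the org-side item the user wants. Returns (success, transcript)."""
    seen_by_user, seen_by_org = set(), set()  # what each side has received
    transcript = []
    for rnd in range(1, max_rounds + 1):
        progress = False
        for sender, own, received, peer_view in (
            ("user", user, seen_by_user, seen_by_org),
            ("org", org, seen_by_org, seen_by_user),
        ):
            # Eager: release everything whose policy is satisfied right now.
            unlocked = sorted(c for c, policy in own.items()
                              if c not in peer_view and policy <= received)
            if unlocked:
                peer_view.update(unlocked)
                transcript.append((rnd, sender, unlocked))
                progress = True
            if goal in seen_by_user:
                return True, transcript
        if not progress:          # neither side can move: negotiation fails
            return False, transcript
    return False, transcript

def disclosed_by(transcript, sender):
    """All credentials a given side released during the negotiation."""
    return {c for _, who, creds in transcript if who == sender for c in creds}

# Constructed sample policies (hypothetical names, not from the papers).
USER = {
    "student_status": set(),                      # released to anyone
    "email": {"privacy_seal"},                    # only after a privacy seal
    "home_address": {"privacy_seal", "no_resale_pledge"},
}
ORG = {
    "privacy_seal": {"student_status"},
    "no_resale_pledge": {"email"},
    "library_access": {"student_status", "email"},  # the requested resource
}
# Circular policies: each side waits for the other, so nothing is released.
DEADLOCK_USER = {"email": {"privacy_seal"}}
DEADLOCK_ORG = {"privacy_seal": {"email"}, "library_access": {"email"}}

if __name__ == "__main__":
    ok, log = eager_negotiate(USER, ORG, "library_access")
    print(ok, log)
    print(eager_negotiate(DEADLOCK_USER, DEADLOCK_ORG, "library_access"))
```

In the sample run the user's `home_address` is never released, but the organization also discloses `no_resale_pledge`, which the outcome did not need: an eager strategy terminates quickly but does not minimize divulgence.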








Page last updated February, 2008, Medianet Laboratories.
