Risk management of digital certificates in ad hoc and P2P networks

In nonhierarchical public key infrastructure (PKI), any user can be a certificate authority (CA) to issue digital certificates to other users. As there is no single root CA, it is difficult to check the validity of certificates issued by unknown CAs. It is very risky to trust them without in-depth analysis. How users issue certificates in the real world has not been studied. Solomon Asch's conformity experiment reveals that people's decisions are influenced by others. To reduce the risk of trusting malicious certificate issuers, we propose two novel methods, micro method and macro method, for users to make trust decisions based on the relationships among the CAs. They will improve the security in ad hoc networks and peer-to-peer (P2P) communications.
