A logic-based reasoning about PKI trust model
暂无分享,去创建一个
Applications such those of electronic payment require the participants authentication and a privacy of crucial information. Public-key infrastructures (PKIs) are essential for providing them these security services in open networks like the Internet. We propose logic for reasoning about PKI trust models. Our formalism enables us to describe a trust model of a PKI with greater precision than the widely used graph. It also allows us to verify whether a model respond to the PKI objectives and under which conditions. These objectives generally concern statements about entitles beliefs with regard to public key authenticity and certification authorities (CAs) trustworthiness. The proposed formalism takes into account the number of intermediates that have participated in an entity belief and the constraints that can be the concern of certification practices or certificate policies of PKI's CAs. These constraints may influence the trust model suitability to applications with specific requirements.
[1] Martín Abadi,et al. A logic of authentication , 1990, TOCS.
[2] Messaoud Benantar,et al. The Internet public key infrastructure , 2001, IBM Syst. J..
[3] T. Moses,et al. TRUST MANAGEMENT IN THE PUBLIC-KEY INFRASTRUCTURE , 1999 .
[4] Warwick Ford,et al. Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework , 2003, RFC.
[5] Lawrence C. Paulson,et al. The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..