论文信息 - A calculus of trust and its application to PKI and identity management

A calculus of trust and its application to PKI and identity management

We introduce a formal semantics based calculus of trust that explicitly represents trust and quantifies the risk associated with trust in public key infrastructure (PKI) and identity management (IdM). We then show by example how to formally represent trust relationships and quantitatively evaluate the risk associated with trust in public key certificate chains. In the context of choosing a certificate chain, our research shows that the shortest chain need not be the most trustworthy, and that it may make sense to compare the trustworthiness of a potential chain against a threshold to govern acceptance, changing the problem to finding a chain with sufficiently high trustworthiness. Our calculus also shows how quantified trust relationships among CAs can be combined to achieve an overall trust assessment of an offered certificate.

David M. Nicol | Jingwei Huang | D. Nicol | Jingwei Huang

[1] Raph Levien,et al. Attack-Resistant Trust Metrics , 2009, Computing with Social Trust.

[2] Lik Mui,et al. A Computational Model of Trust and Reputation for E-businesses , 2002 .

[3] Audun Jøsang,et al. Simplification and analysis of transitive trust networks , 2006, Web Intell. Agent Syst..

[4] Sean W. Smith,et al. Modeling and Evaluation of Certification Path Discovery in the Emerging Global PKI , 2006, EuroPKI.

[5] Bruce Schneier,et al. Ten Risks of PKI , 2004 .

[6] Jie Zhang,et al. Trusting advice from other buyers in e-marketplaces: the problem of unfair ratings , 2006, ICEC '06.

[7] Ueli Maurer,et al. Modelling a Public-Key Infrastructure , 1996, ESORICS.

[8] J. Linn. Trust Models and Management in Public-Key Infrastructures , 2000 .

[9] Stephen Marsh,et al. Trust, Untrust, Distrust and Mistrust - An Exploration of the Dark(er) Side , 2005, iTrust.

[10] Jennifer Golbeck,et al. Computing and Applying Trust in Web-based Social Networks , 2005 .

[11] Hector Garcia-Molina,et al. The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[12] William T. Polk,et al. Bridge Certification Authorities : Connecting B 2 B Public Key Infrastructures , 2000 .

[13] Munindar P. Singh,et al. A Social Mechanism of Reputation Management in Electronic Communities , 2000, CIA.

[14] Jordi Forné,et al. PKI trust relationships: from a hybrid architecture to a hierarchical model , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[15] L. Mui,et al. A computational model of trust and reputation , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[16] Mark S. Fox,et al. An ontology of trust: formal semantics and transitivity , 2006, ICEC '06.

[17] Michael K. Reiter,et al. Resilient Authentication Using Path Independence , 1998, IEEE Trans. Computers.

[18] Michael K. Reiter,et al. Authentication metric analysis and design , 1999, TSEC.

[19] Li Ding,et al. Modeling and Evaluating Trust Network Inference , 2004 .

[20] Robert Demolombe. To trust information sources: a proposal for a modal logical framework , 2001 .

[21] N. Luhmann. Trust and Power , 1979 .

[22] Rajeev Motwani,et al. The PageRank Citation Ranking : Bringing Order to the Web , 1999, WWW 1999.

[23] Richard Forno,et al. PKI: a question of trust and value. , 2001 .

[24] Jingwei Huang,et al. Knowledge Provenance: An Approach to Modeling and Maintaining The Evolution and Validity of Knowledge , 2008 .

[25] P. Resnick,et al. Online Reputation Mechanisms-A Roadmap for Future Research , 2003 .

[26] Audun Jøsang,et al. A Logic for Uncertain Probabilities , 2001, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[27] Steve Hanna,et al. Building Certifications Paths: Forward vs. Reverse , 2001, NDSS.