Trust relationships in secure systems - a distributed authentication perspective

The notion of trust is fundamental in inter-domain authentication protocols. The goal is to develop an effective formalism for explicit expressions of trust relations between entities involved in authentication protocols. Different relevant types of trust are identified and classified. A formalism for expressing trust relations is presented along with an algorithm for deriving trust relations from recommendations. The advantages of the approach are demonstrated by analyzing and comparing the trust relation requirements of a few known authentication protocols.
