Authentication metric analysis and design

Authentication using a path of trusted intermediaries, each able to authenticate the next in the path, is a well-known technique for authenticating entities in a large-scale system. Recent work has extended this technique to include multiple paths in an effort to bolster authentication, but the success of this approach may be unclear in the face of intersecting paths, ambiguities in the meaning of certificates, and interdependencies in the use of different keys. Thus, several authors have proposed metrics to evaluate the confidence afforded by a set of paths. In this paper we develop a set of guiding principles for the design of such metrics. We motivate our principles by showing how previous approaches failed with respect to these principles and what the consequences to authentication might be. We then propose a new metric that appears to meet our principles, and so to be a satisfactory metric of authentication.
