Entity Authentication and Trust Validation in PKI Using Petname Systems

Ferdous, Sadek; Jøsang, Audun

doi:10.4018/978-1-4666-4030-6.ch013

Cited by 5 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An essential component of identity management is the namespace of unique names, which ideally should be global and memorable. Unfortunately, no namespace can be designed where names are unique, global and memorable simultaneously, which is one of the main challenges in identity management [6]. The legal name of a person or organisation is usually not unique, in which case it cannot be used to uniquely identify a person or organisation.…”

Section: Identity Management Conceptsmentioning

confidence: 99%

“…The triangle of Fig. 11 where each of the three desirable properties of names are placed in one of the corners is commonly known as Zooko's triangle, and represents the basic foundation for the Petname Model [6, 42].…”

Section: Sp Identity Managementmentioning

confidence: 99%

“…By using a petname system this type of confusion – and phishing attack – is avoided through enabling manual trust evaluation by the user while the transition takes place [6, 46]. More specifically, a petname system in combination with, for example, TLS can provide cognitive server authentication, which is precisely the security service needed to prevent phishing attacks.…”

Section: Sp Identity Managementmentioning

confidence: 99%

See 2 more Smart Citations

Identity management and trusted interaction in Internet and mobile computing

Jøsang

2014

IET Information Security

Self Cite

View full text Add to dashboard Cite

The convergence of Internet and mobile computing enables personalised access to online services anywhere and anytime. This potent access capability creates opportunities for new business models which stimulates vigorous investment and rapid innovation. Unfortunately, this innovation also produces new vulnerabilities and threats, and the new business models also create incentives for attacks, because criminals will always follow the money. Unless the new threats are balanced with appropriate countermeasures, growth in Internet and mobile services will encounter painful setbacks. Security and trust are two fundamental factors for sustainable development of identity management in online markets and communities. The aim of this article is to present an overview of central aspects of identity management in Internet and mobile computing with respect to security and trust.

show abstract

Section: Identity Management Conceptsmentioning

confidence: 99%

Section: Sp Identity Managementmentioning

confidence: 99%

Section: Sp Identity Managementmentioning

confidence: 99%

See 1 more Smart Citation

Identity management and trusted interaction in Internet and mobile computing

Jøsang

2014

IET Information Security

Self Cite

View full text Add to dashboard Cite

show abstract

The OffPAD: Requirements and Usage

Varmedal

Klevjer

Hovlandsvåg

et al. 2013

Network and System Security

Self Cite

View full text Add to dashboard Cite

Offline Trusted Device and Proxy Architecture Based on a new TLS Switching Technique

Migdal

Johansen

Jøsang

2017

2017 International Workshop on Secure Internet of Things (SIoT)

View full text Add to dashboard Cite

Infection of client devices poses a significant threat to secure user authentication. Combining vulnerable client devices with special security devices, as often the case in e-banking, can increase significantly the security. However, these often incur usability hurdles. This paper describes a new architecture where an untrusted proxy on the client device communicates both with server applications, and a trusted application running on a trusted device. The proxy switches between two TLS channels, one from the client application, and another from the trusted device. The result is a highly usable and flexible architecture with strong security assurances which, moreover, is transparent to the client or server applications, thus allowing it to be deployed in existing systems. We have implemented a PoC (available open source) and demonstrated it using the OffPAD device. Various applications of our architecture can be imagined, some of which we present in the end of the paper, applicable to web services and IoT systems.

show abstract

Entity Authentication and Trust Validation in PKI Using Petname Systems

Cited by 5 publications

References 9 publications

Identity management and trusted interaction in Internet and mobile computing

Identity management and trusted interaction in Internet and mobile computing

The OffPAD: Requirements and Usage

Offline Trusted Device and Proxy Architecture Based on a new TLS Switching Technique

Contact Info

Product

Resources

About