Modeling Public Key Infrastructures in the Real World

Marchesini, John; Smith, Sean W.

doi:10.1007/11533733_8

Cited by 20 publications

(7 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this paper, we choose to use graph theory to model and reason about the security of such systems, as this representation is intuitive and can support arguments concerning the network connections of the nodes. Our representation is compatible with the seminal work of Maurer [Mau96] and its extension [MS05]. We begin by defining the basic concepts of our model, then we consider the capabilities of possible adversaries, and finally we give examples by instantiating our model with OpenPGP and X.509 to show its generality.…”

Section: A Model Of a Tm System For Authenticationmentioning

confidence: 99%

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Alexopoulos

Daubert

Mühlhäuser

et al. 2017

2017 IEEE Trustcom/BigDataSE/Icess

View full text Add to dashboard Cite

Trust Management (TM) systems for authentication are vital to the security of online interactions, which are ubiquitous in our everyday lives. Various systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage trust in this setting. In recent years, blockchain technology has been introduced as a panacea to our security problems, including that of authentication, without sufficient reasoning, as to its merits.In this work, we investigate the merits of using open distributed ledgers (ODLs), such as the one implemented by blockchain technology, for securing TM systems for authentication. We formally model such systems, and explore how blockchain can help mitigate attacks against them. After formal argumentation, we conclude that in the context of Trust Management for authentication, blockchain technology, and ODLs in general, can offer considerable advantages compared to previous approaches. Our analysis is, to the best of our knowledge, the first to formally model and argue about the security of TM systems for authentication, based on blockchain technology. To achieve this result, we first provide an abstract model for TM systems for authentication. Then, we show how this model can be conceptually encoded in a blockchain, by expressing it as a series of state transitions. As a next step, we examine five prevalent attacks on TM systems, and provide evidence that blockchain-based solutions can be beneficial to the security of such systems, by mitigating, or completely negating such attacks. * A version of this paper appeared at IEEE TrustCom-17

show abstract

Section: A Model Of a Tm System For Authenticationmentioning

confidence: 99%

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Alexopoulos

Daubert

Mühlhäuser

et al. 2017

2017 IEEE Trustcom/BigDataSE/Icess

View full text Add to dashboard Cite

show abstract

“…Maurer's model was revised by Marchesini and Smith [22] in order to deal with the complexity of the real world issues. Maurer's model did not consider the revocation and the expiration issue.…”

Section: Trust and Certication Authoritymentioning

confidence: 99%

A formal model of trust for calculating the quality of X.509 certificate

Samer

Laborde

Barrère

et al. 2011

Security Comm Networks

View full text Add to dashboard Cite

The growing number of Public Key Infrastructure (PKI) and the increasing number of situations where partners of a transaction may carry certificates signed by different certification authority (CA) points out the problematic of trust between the different CAs. Several trust models, like the hierarchy model, cross-certification model, and bridge CA model were proposed in order to establish and extend the domain of trust of relying parties (RP). However, each model has disadvantages and especially the scalability in large open networks like Internet. In this paper, we provide users with quantitative information of the confidence a relying party can have about a certificate. We call this information quality of certificate (QoCER). QoCER depends on two parameters which are the quality of procedures announced in the certificate policy (CP) and the quality of CA (QoCA) that represents the evaluation of the CA commitment to its policy. QoCA is calculated based on the recommendation of different actors (audit agency, RP, etc.). QoCER is balanced by another information that represents the confidence on QoCA calculation. We present a formal model of trust to calculate these values. † The person and/or the application that receives a certificate to validate.The task of RPs is both huge and complex. RPs must be able to validate the certificate, its authenticity, its integrity, and the appropriateness of the certificate for the concerned application. The certificate validation ensures that the certificate is not revoked, within the validity period, etc. The authenticity and the integrity of certificates ensure that certificates come from trusted sources and the contained information inside a certificate has not been modified by an unauthorized entity. Finally, the appropriateness of the certificate is determined by RPs and related to the quality of certificate (QoCER).The QoCER depends on the robustness of procedures performed to issue/manage the certificates life cycle and the commitment of CAs to these procedures. CAs publish their procedures for checking the identities of users, generating keys, storing keys, destructing private keys, and maintaining the safety of the systems in documents called certification practice statement (CPS) and certificate policy (CP). Theoretically, RPs belief must be principally based on the reading of these documents, but this requires the RP to be an expert in PKI technology in order to understand these documents which are both long and technical. Clearly, most of RPs would not read these documents. Furthermore these

show abstract

“…not contain a time parameter, which is necessary for key revocation. Marchesini [19] addressed this issue and extended Maurer's model by axioms for properties, time and domain and thus provided numerous additional abilities of the system, including key revocation. In 2006 Bicakci [20] also investigated the incorporation of certificate revocation in this system and Gligor [21] discussed the need of additional parameters such as multiple types of evidence, negative evidence, and false evidence when using Maurer's model in ad-hoc networks.…”

Section: Trust Metricsmentioning

confidence: 99%

Efficient Distribution of Trust Authority Functions in Tactical Networks

Reidt

Wolthusen

2007

2007 IEEE SMC Information Assurance and Security Workshop

View full text Add to dashboard Cite

Abstract-In this paper we describe an algorithm for the distribution of trust authority functions such as key generation and distribution in tactical mobile ad hoc networks. Such networks cannot rely on existing infrastructures and must operate under severe resource constraints. Moreover, network partitioning and node failure, including Byzantine failures must be compensated in tactical networks. We propose the combination of metrics on both network state and beliefs or trust in other nodes to form a composite metric for use in a clustering algorithm. The effectiveness and other characteristics of this improved clustering algorithm are then evaluated and analyzed in a simulation environment, demonstrating a significant improvement over the baseline clustering algorithm.

show abstract

Modeling Public Key Infrastructures in the Real World

Cited by 20 publications

References 23 publications

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

A formal model of trust for calculating the quality of X.509 certificate

Efficient Distribution of Trust Authority Functions in Tactical Networks

Contact Info

Product

Resources

About