Sciweavers

IDTRUST
2009
ACM

A calculus of trust and its application to PKI and identity management

We introduce a formal semantics based calculus of trust that explicitly represents trust and quantifies the risk associated with trust in public key infrastructure (PKI) and identity management (IdM). We then show by example how to formally represent trust relationships and quantitatively evaluate the risk associated with trust in public key certificate chains. In the context of choosing a certificate chain, our research shows that the shortest chain need not be the most trustworthy, and that it may make sense to compare the trustworthiness of a potential chain against a threshold to govern acceptance, changing the problem to finding a chain with sufficiently high trustworthiness. Our calculus also shows how quantified trust relationships among CAs can be combined to achieve an overall trust assessment of an offered certificate.

Categories and Subject Descriptors: K.6.5 [Management of Computing and Information Systems] [Security and Protection]; I.2.11 [Distributed Artificial In...
Jingwei Huang, David Nicol
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where IDTRUST
Authors Jingwei Huang, David Nicol