SPKI/SDSI is a distributed Public Key Infrastructure (PKI) framework that allows authorisation certificates to be issued granting permission to access selected parts of privileged data, not only to single principals but also to user-defined groups. Because the protocol is decentralised and no designated entity verifies the identity of the system's users, trustworthiness varies significantly from one user to another. To tackle this problem in decentralised PKI systems, many trust metrics have been created for computing how much one user can trust another even if they have never interacted with each other before, e.g. the Web of Trust in PGP. We show how to apply two of these metrics in the SPKI/SDSI setting: a metric that interprets trust values as a probability of non-failure, and a metric that interprets them as flows. Because SPKI/SDSI is essentially as powerful as pushdown systems, computing these trust metrics is a lot harder in our setting than when the system can be represented as a finite graph. In fact, both of these problems are shown to be #P-complete, but we also give a randomised approximation algorithm for the trust metric based on the probabilistic interpretation. Finally, to test how fast these values can be computed in practice, we implemented them in a tool called Spookey. Spookey allows an arbitrary system of SPKI/SDSI certificates labelled with trust values to be represented. We present the performance results obtained by using our tool.
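
The probabilistic interpretation is easiest to see in the finite-graph case that the abstract contrasts with the pushdown setting. The following is an added example, not code from the paper or from Spookey: it treats each certificate's trust value as the independent probability that the certificate does not fail, then compares exact enumeration (exponential in the number of certificates) with a Monte Carlo estimate. The certificate list, principal names and function names are constructed for illustration.

```python
import random
from collections import deque

# Constructed sample: (issuer, subject, trust value), where the trust value
# is read as the probability that the certificate does not fail.
CERTS = [("alice", "bob", 0.9), ("bob", "dave", 0.8),
         ("alice", "carol", 0.7), ("carol", "dave", 0.6)]

def reachable(edges, src, dst):
    """Breadth-first search: is there a certificate chain from src to dst?"""
    adj = {}
    for u, v in edges:
        adj.setdefault(u, []).append(v)
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def exact_trust(certs, src, dst):
    """Sum the probability of every surviving-certificate subset that still
    links src to dst. Visits 2**len(certs) subsets, so small inputs only."""
    total = 0.0
    for mask in range(1 << len(certs)):
        prob, edges = 1.0, []
        for i, (u, v, p) in enumerate(certs):
            if mask >> i & 1:
                prob *= p
                edges.append((u, v))
            else:
                prob *= 1.0 - p
        if reachable(edges, src, dst):
            total += prob
    return total

def estimate_trust(certs, src, dst, samples=20000, seed=1):
    """Randomised approximation: sample which certificates survive and count
    how often a chain from src to dst remains."""
    rng = random.Random(seed)  # fixed seed keeps the estimate reproducible
    hits = 0
    for _ in range(samples):
        surviving = [(u, v) for u, v, p in certs if rng.random() < p]
        hits += reachable(surviving, src, dst)
    return hits / samples
```

The sampling cost grows with the number of samples rather than with the number of certificate subsets, which is why a randomised estimate remains usable where exact counting does not.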