Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A faster deterministic maximum flow algorithm
SODA '92 Proceedings of the third annual ACM-SIAM symposium on Discrete algorithms
Internet Privacy Enhanced Mail
Communications of the ACM - Special issue on internetworking
Trust-based navigation in distributed systems
Computing Systems
The official PGP user's guide
Path independence for authentication in large-scale systems
Proceedings of the 4th ACM conference on Computer and communications security
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Associating Metrics to Certification Paths
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
Valuation of Trust in Open Networks
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Modelling a Public-Key Infrastructure
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
On Inter-RealmAuthentication in Large Distributed Systems
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Trust Relationships in Secure Systems-A Distributed Authentication Perspective
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Toward acceptable metrics of authentication
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Attack-resistant trust metrics for public key certification
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Authentication metric analysis and design
ACM Transactions on Information and System Security (TISSEC)
A Derivative of Digital Objects and Estimation of Default Risks in Electronic Commerce
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks
ICDCSW '04 Proceedings of the 24th International Conference on Distributed Computing Systems Workshops - W7: EC (ICDCSW'04) - Volume 7
Efficient, Self-Contained Handling of Identity in Peer-to-Peer Systems
IEEE Transactions on Knowledge and Data Engineering
Trust evaluation in ad-hoc networks
Proceedings of the 3rd ACM workshop on Wireless security
Optimal Dispersal of Certificate Chains
IEEE Transactions on Parallel and Distributed Systems
Vulnerability analysis of certificate graphs
International Journal of Security and Networks
A calculus of trust and its application to PKI and identity management
Proceedings of the 8th Symposium on Identity and Trust on the Internet
FlowTrust: trust inference with network flows
Frontiers of Computer Science in China
Exploring message authentication in sensor networks
ESAS'04 Proceedings of the First European conference on Security in Ad-hoc and Sensor Networks
Computing of trust in ad-hoc networks
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
| Hi-index | 14.98 |
Authentication using a path of trusted intermediaries, each able to authenticate the next in the path, is a well-known technique for authenticating channels in a large distributed system. In this paper, we explore the use of multiple paths to redundantly authenticate a channel and focus on two notions of path independence驴disjoint paths and connective paths驴that seem to increase assurance in the authentication. We give evidence that there are no efficient algorithms for locating maximum sets of paths with these independence properties and propose several approximation algorithms for these problems. We also describe a service we have deployed, called PathServer, that makes use of our algorithms to find such sets of paths to support authentication in PGP applications.