Resilient Authentication Using Path Independence
IEEE Transactions on Computers
Tolerating penetrations and insider attacks by requiring independent corroboration
Proceedings of the 1998 workshop on New security paradigms
Conduit cascades and secure synchronization
Proceedings of the 2000 workshop on New security paradigms
Trust: benefits, models, and mechanisms
Secure Internet programming
E-Commerce Trust Metrics and Models
IEEE Internet Computing
On the Complexity of Public-Key Certificate Validation
ISC '01 Proceedings of the 4th International Conference on Information Security
Authentication for Mobile Agents
Mobile Agents and Security
Guarding the next Internet frontier: countering denial of information attacks
Proceedings of the 2002 workshop on New security paradigms
Attack-Resistance of Computational Trust Models
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Ant-Based Adaptive Trust Evidence Distribution in MANET
ICDCSW '04 Proceedings of the 24th International Conference on Distributed Computing Systems Workshops - W7: EC (ICDCSW'04) - Volume 7
Propagation Models for Trust and Distrust in Social Networks
Information Systems Frontiers
Message authentication by integrity with public corroboration
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Simplification and analysis of transitive trust networks
Web Intelligence and Agent Systems
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
Attack-resistant trust metrics for public key certification
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Evaluating the Wisdom of Crowds in Assessing Phishing Websites
Financial Cryptography and Data Security
ALPACA: a lightweight platform for analyzing claim acceptability
Proceedings of the 2nd ACM workshop on Information credibility on the web
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
Case study: trust establishment in personal area networks
ISWPC'09 Proceedings of the 4th international conference on Wireless pervasive computing
A process-oriented model for authentication on the basis of a coloured Petri net
BPM'03 Proceedings of the 2003 international conference on Business process management
A novel probabilistic trust evaluation algorithm
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Leveraging Social Feedback to Verify Online Identity Claims
ACM Transactions on the Web (TWEB)
Hi-index | 0.00 |
Abstract: Authentication using a path of trusted intermediaries, each able to authenticate the next one in the path, is a well-known technique for authenticating entities in a large-scale system. Recent work has extended this technique to include multiple paths in an effort to bolster authentication, but the success of this approach may be unclear in the face of intersecting paths, ambiguities in the meaning of certificates, and interdependencies in the use of different keys. Several authors have thus proposed metrics to evaluate the confidence afforded by a set of paths. In this paper, we develop a set of guiding principles for the design of such metrics. We motivate our principles by showing how previous approaches fail with respect to them and what the consequences to authentication might be. We then propose a direction for constructing metrics that come closer to meeting our principles and thus, we believe, to being satisfactory metrics for authentication.