How to incorporate revocation status information into the trust metrics for public-key certification

Authors:
Kemal Bicakci;Bruno Crispo;Andrew S. Tanenbaum
Affiliations:
Vrije Universiteit Amsterdam, The Netherlands;Vrije Universiteit Amsterdam, The Netherlands;Vrije Universiteit Amsterdam, The Netherlands
Venue:
Proceedings of the 2005 ACM symposium on Applied computing
Year:
2005

Citing 7
Cited 6

Authentication metric analysis and design

ACM Transactions on Information and System Security (TISSEC)
Inside risks: Risks in email security

Communications of the ACM
Valuation of Trust in Open Networks

ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Modelling a Public-Key Infrastructure

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
A Certification Scheme for Electronic Commerce

Proceedings of the International Workshop on Security Protocols
Confidence Valuation in a Public-Key Infrastructure Based on Uncertain Evidence

PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Is hierarchical public-key certification the next target for hackers?

Communications of the ACM - Interactive immersion in 3D graphics

Towards a precise semantics for authenticity and trust

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
A trust assignment model based on alternate actions payoff

iTrust'06 Proceedings of the 4th international conference on Trust Management
Modeling long-term signature validation for resolution of dispute

TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Certification validation: back to the past

EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
Towards modeling trust based decisions: a game theoretic approach

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Certification validation: Back to the past

Computers & Mathematics with Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

In a traditional PKI, the trust associated with a public key is expressed in binary either by 0 or 1. Alternatively, several authors have proposed trust metrics to evaluate the confidence afforded by a public key. However their work has a static point of view and does not take into account the issue of public key revocation. In this paper, we make the first attempt to incorporate the revocation status information into the trust metrics for public key certification. To achieve our goal, we use a tailored form of a vector of trust model recently proposed. This would allow us to reason formally about when there is a need to check revocation status and how reliable the revocation mechanism should be in a given security application.