Journal Article

A formal model of trust for calculating the quality of X.509 certificate

TLDR
This paper provides users with quantitative information about the confidence a relying party can have in a certificate (QoCER) and presents a formal model of trust to calculate these values.
Abstract
The growing number of Public Key Infrastructures (PKIs) and the increasing number of situations where partners in a transaction may carry certificates signed by different certification authorities (CAs) highlight the problem of trust between the different CAs. Several trust models, such as the hierarchy model, the cross-certification model, and the bridge CA model, were proposed in order to establish and extend the domain of trust of relying parties (RPs). However, each model has disadvantages, especially with respect to scalability in large open networks like the Internet. In this paper, we provide users with quantitative information about the confidence a relying party can have in a certificate. We call this information quality of certificate (QoCER). QoCER depends on two parameters: the quality of the procedures announced in the certificate policy (CP) and the quality of CA (QoCA), which represents the evaluation of the CA's commitment to its policy. QoCA is calculated based on the recommendations of different actors (audit agency, RP, etc.). QoCER is balanced by another piece of information that represents the confidence in the QoCA calculation. We present a formal model of trust to calculate these values. Copyright © 2010 John Wiley & Sons, Ltd.

Citations

A logic for uncertain probabilities

TL;DR: A framework which is called subjective logic uses elements from the Dempster-Shafer belief theory and it is shown that it is compatible with binary logic and probability calculus.
Book Chapter

INCOME – Multi-scale Context Management for the Internet of Things

TL;DR: The INCOME project, whose goal is to provide generic software and middleware components to ease the design and development of mass market context-aware applications built above the Internet of Things, makes it possible to bridge the gap between these two very active research domains.
Journal Article

CA trust management for the Web PKI

TL;DR: Evaluation of CA-TMS with real-world data shows that an attack surface reduction of more than 95% is achievable; CA-TMS is complemented by an optional reputation system that makes it possible to utilize the knowledge of other entities while maintaining the minimal set of trusted CAs.
Proceedings Article

A User-Centric Identity Management Framework based on the W3C Verifiable Credentials and the FIDO Universal Authentication Framework

TL;DR: This work presents a user-centric and decentralized digital identity system that allows anyone to easily benefit from an enriched digital identity made of multi-purpose and multi-origin attributes and increases usability by the elimination of user passwords.
Journal Article

Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker

TL;DR: This paper presents an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates, and demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.
References
Proceedings Article

The PageRank Citation Ranking: Bringing Order to the Web

TL;DR: This paper describes PageRank, a method for rating Web pages objectively and mechanically, effectively measuring the human interest and attention devoted to them, and shows how to efficiently compute PageRank for large numbers of pages.
Journal Article

A survey of trust and reputation systems for online service provision

TL;DR: Trust and reputation systems represent a significant trend in decision support for Internet mediated service provision as mentioned in this paper, where the basic idea is to let parties rate each other, for example after the completion of a transaction, and use the aggregated ratings about a given party to derive a trust or reputation score.
Book Chapter

Trust among strangers in internet transactions: Empirical analysis of eBay's reputation system

TL;DR: Examination of a large data set from 1999 reveals several interesting features, including a high correlation between buyer and seller feedback, suggesting that the players reciprocate and retaliate.
Proceedings Article

Supporting trust in virtual communities

TL;DR: In this article, a trust model that is grounded in real-world social trust characteristics, and based on a reputation mechanism, or word-of-mouth, is proposed for the virtual medium.
Journal Article

A logic for uncertain probabilities

TL;DR: In this article, the Dempster-Shafer belief theory is used to define a metric for uncertain probabilities called opinion and a set of logical operators that can be used for logical reasoning with uncertain propositions.