Skip to Main content Skip to Navigation
Conference papers

Design of Graded Trusts by Using Dynamic Path Validation

Abstract : In modern information service architectures, security is one of the most critical criteria. Almost every standard on information security is concerned with internal control of an organization, and particularly with authentication. If an RP (relying party) has valuable information assets, and requires a high level to authentication for accepting access to the valuable assets, then a strong mechanism is required. Here, we focus on a trust model of certificate authentication. Conventionally, a trust model of certificates is defined as a validation of chains of certificates. However, today, this trust model does not function well because of complexity of paths and of requirement of security levels. In this paper, we propose "dynamic path validation," together with another trust model of PKI for controlling this situation. First, we propose Policy Authority. Policy Authority assigns a level of compliance (LoC) to CAs in its domain. LoC is evaluated in terms of a common criteria of Policy Authority. Moreover, it controls the path building with considerations of LoC. Therefore, we can flexibly evaluate levels of CP/CPS's in one server. In a typical bridge model, we need as many bridge CAs as the number of required levels of CP/CPS's. In our framework, instead, we can do the same task in a single server, by which we can save the cost of maintaining lists of trust anchors of multiple levels.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download

https://hal.inria.fr/hal-01061326
Contributor : Hal Ifip <>
Submitted on : Friday, November 24, 2017 - 3:42:03 PM
Last modification on : Monday, May 17, 2021 - 12:00:04 PM

File

KuboS10.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Akira Kubo, Hiroyuki Sato. Design of Graded Trusts by Using Dynamic Path Validation. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. pp.172-183, ⟨10.1007/978-3-642-13446-3_12⟩. ⟨hal-01061326⟩

Share

Metrics