Design of Graded Trusts by Using Dynamic Path Validation

Abstract: In modern information service architectures, security is one of the most critical criteria. Almost every standard on information security is concerned with the internal control of an organization, and particularly with authentication. If an RP (relying party) has valuable information assets and requires a high level of authentication before granting access to them, then a strong mechanism is required. Here, we focus on a trust model of certificate authentication. Conventionally, a trust model of certificates is defined as the validation of chains of certificates. Today, however, this trust model does not function well because of the complexity of paths and the requirements on security levels. In this paper, we propose "dynamic path validation," together with another trust model of PKI, for controlling this situation. First, we propose a Policy Authority. The Policy Authority assigns a level of compliance (LoC) to the CAs in its domain. The LoC is evaluated in terms of the common criteria of the Policy Authority. Moreover, the Policy Authority controls path building with consideration of the LoC. Therefore, we can flexibly evaluate the levels of CP/CPSs in one server. In a typical bridge model, we need as many bridge CAs as the number of required levels of CP/CPSs. In our framework, we can instead do the same task in a single server, which saves the cost of maintaining lists of trust anchors for multiple levels.
Document type:
Conference paper
Masakatsu Nishigaki; Audun Jøsang; Yuko Murayama; Stephen Marsh. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. Springer, IFIP Advances in Information and Communication Technology, AICT-321, pp.172-183, 2010, Trust Management IV. 〈10.1007/978-3-642-13446-3_12〉

https://hal.inria.fr/hal-01061326
Contributor: Hal Ifip
Submitted on: Friday, 24 November 2017 - 15:42:03
Last modified on: Saturday, 25 November 2017 - 01:23:59

File

KuboS10.pdf
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Akira Kubo, Hiroyuki Sato. Design of Graded Trusts by Using Dynamic Path Validation. Masakatsu Nishigaki; Audun Jøsang; Yuko Murayama; Stephen Marsh. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. Springer, IFIP Advances in Information and Communication Technology, AICT-321, pp.172-183, 2010, Trust Management IV. 〈10.1007/978-3-642-13446-3_12〉. 〈hal-01061326〉
