A calculus of trust and its application to PKI and identity management

Jingwei Huang, David Nicol

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We introduce a formal semantics based calculus of trust that explicitly represents trust and quantifies the risk as-sociated with trust in public key infrastructure (PKI) and identity management (IdM). We then show by example how to formally represent trust relationships and quantitatively evaluate the risk associated with trust in public key certifi-cate chains. In the context of choosing a certificate chain, our research shows that the shortest chain need not be the most trustworthy, and that it may make sense to compare the trustworthiness of a potential chain against a thresh-old to govern acceptance, changing the problem to finding a chain with sufficiently high trustworthiness. Our calculus also shows how quantified trust relationships among CAs can be combined to achieve an overall trust assessment of an ofiered certificate.

Original languageEnglish (US)
Title of host publicationIDtrust 2009 - Proceedings of the 8th Symposium on Identity and Trust on the Internet
EditorsKent Seamons, Neal McBurnett, Tim Polk
PublisherAssociation for Computing Machinery
Pages23-37
Number of pages15
ISBN (Electronic)9781605584744
DOIs
StatePublished - Apr 14 2009
Event8th Symposium on Identity and Trust on the Internet, IDtrust 2009 - Gaithersburg, United States
Duration: Apr 14 2009Apr 16 2009

Publication series

NameACM International Conference Proceeding Series
VolumePart F128834

Other

Other8th Symposium on Identity and Trust on the Internet, IDtrust 2009
Country/TerritoryUnited States
CityGaithersburg
Period4/14/094/16/09

Keywords

  • Identity management
  • PKI
  • Risk assess-ment
  • Semantics of trust
  • Social networks
  • Trust modeling
  • Uncertainty

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'A calculus of trust and its application to PKI and identity management'. Together they form a unique fingerprint.

Cite this