Trust Views for the Web PKI
نویسندگان
چکیده
The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure. In this paper, we present the concept of trust views to manage variable trust levels for exactly those CAs actually required by a relying entity. This reduces the set of trusted CAs and minimizes the risk to rely on malicious certificates issued due to CA failures or compromises.
منابع مشابه
Reputation Systems for Trust Management in the Web PKI
This thesis’ goal is to reduce the attack surface of the existing Web Public Key Infrastructure (PKI) by applying user trust as in real world scenarios of human trust establishment. Reputation systems can be used to exchange Certification Authority (CA) trust information and lower the risk on relying on malicious CAs. The matter in question is connection trust, determining whether a SSL/TLS con...
متن کاملServer Notaries: A Complementary Approach to the Web PKI Trust Model
SSL/TLS is the de facto protocol for providing secure communication over the Internet. It relies on the Web PKI model for authentication and secure key exchange. Despite its relatively successful past, the number of Web PKI incidents observed have increased recently. These incidents revealed the risks of forged certificates issued by certificate authorities without the consent of the domain own...
متن کاملUtilizing Social Networking Platforms to Support Public Key Infrastructures
Although public key infrastructures (PKI) exist for quite a while already, neither hierarchical PKI based on Certification Authorities (CA) nor decentralized webs-of-trust have come to great popularity, particularly not in the private sector. In this paper we want to analyze some reasons for this development and propose possible solutions. The utilization of social networking platforms which ha...
متن کاملMaintaining security and trust in large scale public key infrastructures
In Public Key Infrastructures (PKIs), trusted Certification Authorities (CAs) issue public key certificates which bind public keys to the identities of their owners. This enables the authentication of public keys which is a basic prerequisite for the use of digital signatures and public key encryption. These in turn are enablers for ebusiness, e-government and many other applications, because t...
متن کاملSome limitations of web of trust models
The “web of trust” is one approach to the problem of trusted exchange of public keys in a public key security system. In a web of trust, individuals accept the bulk of the responsibility for identifying and authenticating each other and subsequently swapping their keys. This trust model is supported by some commercial products and some industry standards. The main alternative is the Public Key ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2013 شماره
صفحات -
تاریخ انتشار 2013