PKI Trust Models
نویسنده
چکیده
A PKI can be described as a set of technologies, procedures and policies for propagating trust from where it initially exists to where it is needed for authentication in online environments. How the trust propagation takes place under a specific PKI depends on the PKI’s syntactic trust structure which is commonly known as a trust model. However, trust is primarily a semantic concept that can not be expressed in syntactic terms alone. In order to define meaningful trust models for PKIs it is also necessary to consider the semantic assumptions and human cognition of trust relationships, as explicitly or implicitly expressed by certification policies, legal contractual agreements between participants in a PKI, and by how identity information is displayed and represented. Of the many different PKI trust models proposed in the literature, some have been implemented and are currently used in practical settings, from small personal networks to large scale private and public networks such as the Internet. This article takes a closer look at the most prominent and widely used PKI trust models, and discusses related semantic issues.
منابع مشابه
Modelling Trust Structures for Public Key Infrastructures
The development of Public Key Infrastructures (PKIs) is highly desirable to support secure digital transactions and communications throughout existing networks. It is important to adopt a particular trust structure or PKI model at an early stage as this forms a basis for the PKI’s development. Many PKI models have been proposed but use only natural language descriptions. We apply a simple forma...
متن کاملTrust Views for the Web PKI
The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure. In this paper, we present th...
متن کاملSimulation analysis of protected B2B e-commerce processes
In this paper a simulation analysis of certain trust models (complex PKI architectures) with regard to the security support of B2B applications on the Internet is presented. The objective of such an analysis has been the choice of the most efficient PKI architecture and a solution of the cryptographic interoperability problem. A simulation model of protected B2B e-commerce has also been present...
متن کاملAn Axiomatic Basis for Reasoning about Trust in PKIs
Trust is essential to a communication channel. The trust relationships, which play an important role in Public Key Infrastructures (PKIs), need to be formalized for providing a reliable modelling methodology to support secure digital communications. In this paper, we present a typed modal logic used for specifying and reasoning about trust in PKIs. In order to study trust relationships within P...
متن کاملPKI Interoperability: Still an Issue? A Solution in the X.509 Realm
There exist many obstacles that slow the global adoption of public key infrastructure (PKI) technology. The PKI interoperability problem, being poorly understood, is one of the most confusing. In this paper, we clarify the PKI interoperability issue by exploring both the juridical and technical domains. We demonstrate the origin of the PKI interoperability problem by determining its root causes...
متن کامل