An Axiomatic Basis for Reasoning about Trust in PKIs
نویسندگان
چکیده
Trust is essential to a communication channel. The trust relationships, which play an important role in Public Key Infrastructures (PKIs), need to be formalized for providing a reliable modelling methodology to support secure digital communications. In this paper, we present a typed modal logic used for specifying and reasoning about trust in PKIs. In order to study trust relationships within PKIs, we define TA (a set of trust axioms), TB (a trust base) and TC (a set of trusted certificates). In our method, the trust relation in a given PKI is formalized by trust axioms. Based on trust axioms, an agent can have its own trust base that contains all agents whom the agent trusts, and can derive and extend its trusted certificates set. The trust theory for a given PKI, which consists of our modal logic and a set of trust axioms proposed for the PKI, is the basis of the certificate verification function.
منابع مشابه
Walking the Web of Trust
Most currently deployed Public Key Infrastructures (PKIs) are hierarchically oriented and rely on a centralized design. Hierarchical PKIs may be appropriate solutions for many usage-scenarios, but there exists the viable alternative of the ‘Web of Trust’. In a web of trust, each user of the system can choose for himself whom he elects to trust, and whom not. After contrasting the properties of ...
متن کاملModelling Trust Structures for Public Key Infrastructures
The development of Public Key Infrastructures (PKIs) is highly desirable to support secure digital transactions and communications throughout existing networks. It is important to adopt a particular trust structure or PKI model at an early stage as this forms a basis for the PKI’s development. Many PKI models have been proposed but use only natural language descriptions. We apply a simple forma...
متن کامل1st Annual PKI Research Workshop---Proceedings
The fundamental goal of PKIs is to provide a means for participating entities to establish and manage trust in other entities, either within or across domain boundaries. As PKIs have evolved, so has the set of alternate methods supporting validation of entities, their certificates, and their keys. Validation processing determines whether or not the acceptance of a certificate or key represents ...
متن کاملA Logic for Object - ZGraeme
This paper presents a logic for Object-Z which extends W, the logic for Z adopted as the basis of the deductive system in the Z Base Standard. The logic provides a basis on which tool support for reasoning about Object-Z speciications can be developed. It also formalises the intended meaning of Object-Z constructs and hence provides an abstract, axiomatic semantics of the language.
متن کاملRethinking PKI: What's Trust Got to Do with It?
Much of the literature related to public key infrastructure (PKI) uses terms such as “trust” extensively and assumes that certification authorities (CAs) are trusted third parties (TTPs). It is certainly true that the best known CAs today are commercial TTPs, and such CAs have played an important role in making the general public aware of PKIs. But, not all PKIs need adopt this sort of CA model...
متن کامل