Reasoning about Trust and Insurance in a Public Key Infrastructure

نویسندگان

  • Jonathan K. Millen
  • Rebecca N. Wright
چکیده

In the real world, insurance is used to mitigate-nancial risk to individuals in many settings. Similarly, it has been suggested that insurance can be used in distributed systems, and in particular, in authentica-tion procedures, to mitigate individual's risks there. In this paper, we further explore the use of insurance for public-key certiicates and other kinds of statements. We also describe an application using threshold cryptography in which insured keys would also have an auditor involved in any transaction using the key, allowing the insurer better control over its liability. We provide a formal yet simple insurance logic that can be used to deduce the amount of insurance associated with statements based on the insurance associated with related statements. Using the logic, we show how trust relationships and insurance can work together to provide conndence.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Modelling a Public - Key Infrastructure 1

A global public-key infrastructure (PKI), components of which are emerging in the near future, is a prerequisite for security in distributed systems and for electronic commerce. The purpose of this paper is to propose an approach to modelling and reasoning about a PKI from a user Alice's point of view. Her view, from which she draws conclusions about the authenticity of other entities' public k...

متن کامل

An Axiomatic Basis for Reasoning about Trust in PKIs

Trust is essential to a communication channel. The trust relationships, which play an important role in Public Key Infrastructures (PKIs), need to be formalized for providing a reliable modelling methodology to support secure digital communications. In this paper, we present a typed modal logic used for specifying and reasoning about trust in PKIs. In order to study trust relationships within P...

متن کامل

Tradeoff Negotiation: The Importance of Getting in the Game; Comment on “Swiss-CHAT: Citizens Discuss Priorities for Swiss Health Insurance Coverage”

Swiss-CHAT’s playful approach to public rationing can be considered in terms of deliberative process design as well as in terms of health policy. The process’ forced negotiation of trade-offs exposed unexamined driving questions, and challenged prevalent presumptions about health care demand and about conditions of public reasoning that enable transparent rationing. While the experiment provide...

متن کامل

Certificates-as-an-Insurance: Incentivizing Accountability in SSL/TLS

We propose to leverage accountability mechanisms to deal with trust-related security incidents of certification authorities (CAs) in the SSL/TLS public-key infrastructure (PKI). We argue that, despite recent advances in securing certificate issuance and verification, the TLS PKI does not sufficiently incentivize careful identity verification by CAs during certificate issuance or provide CA acco...

متن کامل

Confidence Valuation in a Public-Key Infrastructure Based on Uncertain Evidence

Public-key authentication based on public-key certificates is a special case of the general problem of verifying a hypothesis (that a public key is authentic), given certain pieces of evidence. Beginning with PGP, several authors have pointed out that trust is often an uncertain piece of evidence and have proposed ad hoc methods, sometimes referred to as trust management, for dealing with this ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2000