Reference from ESORICS proceedings

5th European Symposium on Research in Computer Security (ESORICS 98)

A Subjective Metric of Authentication

Audun Jøsang

Keywords :

Abstract : Determining the authenticity of public keys in large-scale open networks can not be based on certificates alone, but must also include the binding between the key used for certification and it's owner, as well as the trust relationships between individual agents. This paper describes a method for computing authenticity measures based on certificates, on key binding, and on trust relationships. Two essential elements of the method are the opinion model which is a radically new way of representing trust, and subjective logic which consists of a set of logical operators for combining opinions. We show that our method for computing authenticity measures can be applied to both anarchic and hierarchic authentication networks.

(Pages 329-344)

Proceedings table of contents