Fourth European Symposium on Research in Computer Security (ESORICS 96)
Modelling a Public-Key Infrastructure
Keywords : Distributed system security, key management, public-key certification, cryptography, trust, recommandations, probabilistic logic.
Abstract : A global public-key infrastructure (PKI), components of which are emerging in the near future, is a prerequisite for security in distributed systems and for electronic commerce. The purpose of this paper is to propose an approach to modelling and reasoning about a PKI from a user Alice's point of view. Her view, from which skie draws conclusions about the authenticity of other entities' public keys and possibly about the trustworthiness of other entities, consists of statements about which public keys skie believes to be authentic and which entities skie believes to be trustworthy, as well as a collection of certificates and recommandations obtained or retrieved from the PKI. The model takes into accourt recommandations for the trustworthiness of entities. Furthermore, it includes confidence values for statements and can exploit arbitrary certification structures containing multiple intersecting certification patins to achieve a higher confidence value than for any single certification patin. Confidence values are measured on a continuous scale between O and 1 and, in contrast to previous work in this area, are interpreted as probabilities in a well-defined random experiment.
Proceedings table of contents