Skip to main content
SpringerLink
Log in
SpringerLink
Log in

An Axiomatic Basis for Reasoning about Trust in PKIs

  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2119))

Included in the following conference series:

Abstract

Trust is essential to a communication channel. The trust relationships, which play an important role in Public Key Infrastructures (PKIs), need to be formalized for providing a reliable modelling methodology to support secure digital communications. In this paper, we present a typed modal logic used for specifying and reasoning about trust in PKIs. In order to study trust relationships within PKIs, we define TA (a set of trust axioms), TB (a trust base) and TC (a set of trusted certificates). In our method, the trust relation in a given PKI is formalized by trust axioms. Based on trust axioms, an agent can have its own trust base that contains all agents whom the agent trusts, and can derive and extend its trusted certificates set. The trust theory for a given PKI, which consists of our modal logic and a set of trust axioms proposed for the PKI, is the basis of the certificate verification function.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings of the 1993 IEEE Computer Society Symposium on research in Security and Privacy, pages 164–173, 1996.

    Google Scholar 

  2. M. Burrows, M. Abadi, and R. M. Needham. A logic of authentication. In Proceedings of the Royal Society of London 426, pages 233–271, 1989.

    Article  MATH  MathSciNet  Google Scholar 

  3. A. Herzberg, Y. Mass, and J. Mihaeli. Access control meets public key infrastructure, or: Assigning roles to strangers. In Proceedings of the 2000 IEEE Computer Society Symposium on research in Security and Privacy, pages 2–14, 2000.

    Google Scholar 

  4. R. Housley, W. Ford, W. Polk, and D. Solo. RCF 2459, Internet X.509 Public Key Infrastructure-Part I: Certificate and CRL Profile. Internet Request for Comments 2459, January 1999.

    Google Scholar 

  5. A. Jøsang and S.J. Knapskog. A metric for trusted systems. In Proceedings of the 21st National Security Conference, NSA 1998.

    Google Scholar 

  6. A. Jøsang, I. G. Pedersen, and D. Povey. PKI seeks a trusting relationship. In Proceedings of the 5th Australasian Conference on Information Security and Privacy (ACISP 2000), volume 1841 of Lecture Notes in Computer Science, pages 191–205. Springer, 2000.

    Google Scholar 

  7. S. Kent. Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management, Request for Comments 1422. Network Working Group, 1993.

    Google Scholar 

  8. R. Kohlas and U. Maurer. Confidence valuation in a public-key infrastrucutre based on uncertain evidence. In Proceedings of the 3rd International Workshop on Practice and Theory in Public Key Cryptosystems (PKC 2000), volume 1751 of Lecture Notes in Computer Science, pages 93-113. Springer, 2000.

    Google Scholar 

  9. N. Li, B. Grosof, and J. Feigenbaum. A practically implementable and tractable delegation logic. In Proceedings of the 2000 IEEE Computer Society Symposium on research in Security and Privacy, pages 27–42, 2000.

    Google Scholar 

  10. C. Liu, M. A. Ozols, M. Henderson, and T. Cant. A state-based model for ceritificate management systems. In Proceedings of the 3rd International Workshop on Practice and Theory in Public Key Cryptosystems (PKC 2000), volume 1751 of Lecture Notes in Computer Science, pages 75–92. Springer, 2000.

    Google Scholar 

  11. Ueli Maurer. Modeling a public-key infrastructure. In E. Bertino, H. Knurth, G. Martella, and E. Montolivo, editors, Computer Security-ESORICS’96 (LNCS 1146). Springer-Verlag, 1996.

    Google Scholar 

  12. M. A. Ozols, M. Henderson, C. Liu, and T. Cant. The PKI specification dilemma: A formal solution. In Proceedings of the 5th Australasian Conference on Information Security and Privacy (ACISP 2000), volume 1841 of Lecture Notes in Computer Science, pages 206–219. Springer, 2000.

    Google Scholar 

  13. L. C. Paulson. ML for Working Programmer. Cambridge University Press, 1991.

    Google Scholar 

  14. R. Yahalom, B. Klein, and Th. Beth. Trust relationships in security systems-A distributed authentication prespective. In Proceedings of the 1993 IEEE Computer Society Symposium on research in Security and Privacy, pages 151–164, 1993.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Technology Division, Defence Science and Technology Organisation, PO Box 1500, Salisbury, SA, 5108, Australia

    Chuchang Liu, Maris Ozols & Tony Cant

Authors
  1. Chuchang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maris Ozols
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tony Cant
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing, Macquarie University, North Ryde, NSW, 2109, Australia

    Vijay Varadharajan  & Yi Mu  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liu, C., Ozols, M., Cant, T. (2001). An Axiomatic Basis for Reasoning about Trust in PKIs. In: Varadharajan, V., Mu, Y. (eds) Information Security and Privacy. ACISP 2001. Lecture Notes in Computer Science, vol 2119. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47719-5_23

Download citation

  • DOI: https://doi.org/10.1007/3-540-47719-5_23

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42300-3

  • Online ISBN: 978-3-540-47719-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation