Designing secure communication protocols from trust specifications
In a very large distributed system, entities may trust and mistrust others with respect to communication security in arbitrarily complex ways. We formulate the problem of designing a secure communication protocol, given a network interconnection and a ternary relation which captures trust between the entities. We identify several important ways of synthesizing secure channels, and study the algorithmic problem of designing a secure communication protocol connecting the entities, given the connectivity of the network and the trust relationship between the nodes. We show that whether secure communication is possible can be decided easily in polynomial time. If we also require that channel synthesis proceed along unambiguous paths (in which case the protocol is defined on a spanning tree of the netowrk), we show that the design problem is NP-complete, and we give a linear-time algorithsibly grm for an interesting special case of the problem.
KeywordsSpan Tree Secure Communication Duality Theorem Trust Relationship Network Design Problem
Unable to display preview. Download preview PDF.
- [BLNS]A. D. Birrell, B. W. Lampson, R. M. Needham, M. D. Schroeder “A Global Authentication Service without Global Trust,” Proc. IEEE Symposium on Security and Privacy, 1986.Google Scholar
- [GJ]M. R. Garey and D. S. Johnson Computers and Intractability: A Guide to the Theory of NP-completeness, Freeman, 1979.Google Scholar
- [PS]C. H. Papadimitriou, K. Steiglitz Combinatorial Optimization: Algorithms and Complexity, Prentice-Hall, 1982.Google Scholar
- [Ra]V. Rangan “An Axiomatic Theory of Trust in Secure Communication Protocols,” J. of Computers and Security, to appear.Google Scholar