Abstract
During the last years it has become recognized that trust is an essential component in the design of protocols in distributed systems. If, for example, a Key Distribution Center (KDC) is employed to distribute public keys, the receiver of such a key has to trust the KDC that the key is authentic. Sometimes, a trusted entity may recommend another entity as being trustworthy, which in turn can recommend further entities. Obviously, the longer such a trust path grows, the smaller the trust towards the final entity will be. On the other hand, the higher the number of trustworthy recommendations about an entity, the more trustworthy this entity will become. These observations have led to the introduction of trust values.
When deriving the value of a trust path from the trust values of the individual entities in a distributed manner, one faces the problem that the estimation of each other’s trustworthiness is a private matter. Up to now, this problem has been circumvented by either ignoring it or by not allowing for the derivation of a trust path’s value. In this paper, we propose a technique for the derivation of the value of a trust path without exposing the individual trust values to other entities.
Chapter PDF
References
Bauspiess, F. and Knobloch, H.-J. (1989) How to Keep Authenticity Alive in a Computer Network, in Advances in Cryptology, Proccedings of Eurocrypt 1989, Springer, Berlin 1990, pp. 38–46.
Beth, Th., Borcherding, M., and Klein, B. (1994) Valuation of Trust in Open Networks, in Proceedings of the 3rd European Symposium on Research in Computer Security (ESORICS), Brighton, UK, LNCS 875, pp. 3–18, Springer-Verlag.
Beth, Th. (1991) Keeping Secrets a Personal Matter or: The Exponential Security System, in Proceedings of the IMA-Workshop on Cryptography and Coding, Cirencester, UK.
Birrell, A., Lampson, B., Needham, R., Schroeder, M. (1986) A Global Authentication Service Without Global Trust, in Proceedings of the 1986 IEEE Symposium on Security and Privacy, pp. 223–230.
CCITT (1988) X.509, The Directory–Authentication Framework, IXTH Plenary Assembly, Melbourne, 14–25 November 1988.
Gligor, V. D., Luan, S.-W., and Pato, J. N. (1992) On Inter-realm Authentication in Large Distributed Systems, in Proceedings of the 1992 IEEE Symposium on Research in Security and Privacy, pp. 2–17.
Horster, P., Knobloch, H.-J. (1992) Cryptographic Protocols and Network Security, in Security and Control: From Small Systems to Large, Proceedings of the IFIP/Sec ‘82, Singapur.
Lampson, B., Abadi, M., Burrows, M., and Wobber, E. (1991) Authentication in Distributed Systems: Theory and Practice, in Proceedings of the 13th ACM Symposium on Operating Systems Principles, pp. 165–182.
Yahalom, R., Klein, B., and Beth, Th. (1993) Trust Relationships in Secure Systems — A Distributed Authentication Perspective, in Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy.
Yahalom, R., Klein, B., and Beth, Th. (1994) Trust-Based Navigation in Distributed Systems. Computing Systems vol. 7, no. 1, pp. 45–73.
Zimmermann, Ph. (1994) PGP User’s Guide, Volume I: Essential Topics, Revision 11 October 1994 for PGP version 2.6.2. Distributed by the Massachusetts Institute of Technology.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1995 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Borcherding, B., Borcherding, M. (1995). Covered Trust Values in Distributed Systems. In: Posch, R. (eds) Communications and Multimedia Security. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-34943-5_3
Download citation
DOI: https://doi.org/10.1007/978-0-387-34943-5_3
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2908-4
Online ISBN: 978-0-387-34943-5
eBook Packages: Springer Book Archive