Upload
brian-webb
View
217
Download
0
Tags:
Embed Size (px)
Citation preview
7 October 1998 © 1998 University of Salford 1
Intelligent Computation of Trust
David W Chadwick
7 October 1998 © 1998 University of Salford 2
Scenario
• You receive a digitally signed email message inviting you to a research meeting in Brussels, saying that the EC will pay all your travelling expenses and give you 110 ecus subsistence for the day
• The SMTP from field is [email protected]
• Digital signature computes
7 October 1998 © 1998 University of Salford 3
What do you do?
• trust the message and book your air ticket
• distrust the message and phone Peter up to confirm
• do some further checking
7 October 1998 © 1998 University of Salford 4
7 October 1998 © 1998 University of Salford 5
Now do you trust the message?
• Not unless you know and trust the Certs-R-Us Certification Authority
• Assuming you don’t know it, how do you if it is a trustworthy CA?
• Download its Certification Practice Statement and read it
7 October 1998 © 1998 University of Salford 6
The CPS
• You download the CPS
• You don’t understand it
• What do you do now?
• You need help
CPS
7 October 1998 © 1998 University of Salford 7
INTERNET
ExpertTrust Quotient
CalculatorUser 2(Message Recipient)
RelyingParty
User 1’sCA’s Policy &
CPS
User 1(Message Sender)
CertifiedParty
Intelligent Computation of Trust - The Participants -
7 October 1998 © 1998 University of Salford 8
TTP’sPolicy
andCPS
ExpertTrust Quotient
Calculator
Verbose Client
Mode of Operation - Method 1
7 October 1998 © 1998 University of Salford 9
TTP’sPolicy
andCPS
ExpertTrust Quotient
Calculator
StructuredPolicy/CPS
Automatic Client
Mode of Operation - Method 2
7 October 1998 © 1998 University of Salford 10
Creating the Trust Quotient Calculator
• A probablistic inference net has been built
• Using the ISTAR KBS developed at Salford University by Andrew Basden
• Initial nodes determined by reference to Chokani and Ford’s CPS Framework (PKIX Part 4)
7 October 1998 © 1998 University of Salford 11
7 October 1998 © 1998 University of Salford 12
Building Knowledge into the Inference Net
• Knowledge Poor Domain :-(
• Developed a questionnaire
• Now need to interview experts in the field of Public Key Infrastructures
• Feed their answers into the Net
• Try to gain some overall consensus of trust in the relevant elements
7 October 1998 © 1998 University of Salford 13
Longer Term
• Check that the CA actually abides by its own CPS
• By retrieving objects from the Internet and comparing them to the CPS– e.g. download the CRL at look at its timestamp