{"title":"Trust models in ICE-TEL","authors":"A. Young, Nada Kapidzic Cicovic, D. Chadwick","doi":"10.1109/NDSS.1997.579230","DOIUrl":null,"url":null,"abstract":"Public key certification provides mechanisms that can be used to build truly scaleable security services, such as allowing people who have never met to have assurance of each other's identity. Authentication involves syntactic verification of a certificate chain followed by a semantic look at the policies under which the certificates were issued. This results in a level of assurance that the identity of the person to be authenticated is an accurate description of the person involved, and requires verifiers to specify who they trust and what they trust them to do. Two widely discussed mechanisms for specifying this trust, the PEM and PGP trust models, approach the problem from fundamentally different directions. The EC funded ICE-TEL project, which is deploying a security infrastructure and application set for the European research community, has described a new trust model that attempts to be equally applicable to organisation-centric PEM users and user-centric PGP users.","PeriodicalId":224439,"journal":{"name":"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-02-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NDSS.1997.579230","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7
Abstract
Public key certification provides mechanisms that can be used to build truly scaleable security services, such as allowing people who have never met to have assurance of each other's identity. Authentication involves syntactic verification of a certificate chain followed by a semantic look at the policies under which the certificates were issued. This results in a level of assurance that the identity of the person to be authenticated is an accurate description of the person involved, and requires verifiers to specify who they trust and what they trust them to do. Two widely discussed mechanisms for specifying this trust, the PEM and PGP trust models, approach the problem from fundamentally different directions. The EC funded ICE-TEL project, which is deploying a security infrastructure and application set for the European research community, has described a new trust model that attempts to be equally applicable to organisation-centric PEM users and user-centric PGP users.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
