ICE-TEL中的信任模型

Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security Pub Date : 1997-02-10 DOI:10.1109/NDSS.1997.579230

A. Young, Nada Kapidzic Cicovic, D. Chadwick

{"title":"ICE-TEL中的信任模型","authors":"A. Young, Nada Kapidzic Cicovic, D. Chadwick","doi":"10.1109/NDSS.1997.579230","DOIUrl":null,"url":null,"abstract":"Public key certification provides mechanisms that can be used to build truly scaleable security services, such as allowing people who have never met to have assurance of each other's identity. Authentication involves syntactic verification of a certificate chain followed by a semantic look at the policies under which the certificates were issued. This results in a level of assurance that the identity of the person to be authenticated is an accurate description of the person involved, and requires verifiers to specify who they trust and what they trust them to do. Two widely discussed mechanisms for specifying this trust, the PEM and PGP trust models, approach the problem from fundamentally different directions. The EC funded ICE-TEL project, which is deploying a security infrastructure and application set for the European research community, has described a new trust model that attempts to be equally applicable to organisation-centric PEM users and user-centric PGP users.","PeriodicalId":224439,"journal":{"name":"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-02-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Trust models in ICE-TEL\",\"authors\":\"A. Young, Nada Kapidzic Cicovic, D. Chadwick\",\"doi\":\"10.1109/NDSS.1997.579230\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Public key certification provides mechanisms that can be used to build truly scaleable security services, such as allowing people who have never met to have assurance of each other's identity. Authentication involves syntactic verification of a certificate chain followed by a semantic look at the policies under which the certificates were issued. This results in a level of assurance that the identity of the person to be authenticated is an accurate description of the person involved, and requires verifiers to specify who they trust and what they trust them to do. Two widely discussed mechanisms for specifying this trust, the PEM and PGP trust models, approach the problem from fundamentally different directions. The EC funded ICE-TEL project, which is deploying a security infrastructure and application set for the European research community, has described a new trust model that attempts to be equally applicable to organisation-centric PEM users and user-centric PGP users.\",\"PeriodicalId\":224439,\"journal\":{\"name\":\"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security\",\"volume\":\"42 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-02-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NDSS.1997.579230\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NDSS.1997.579230","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

公钥认证提供了可用于构建真正可扩展的安全服务的机制，例如允许从未谋面的人确保彼此的身份。身份验证涉及对证书链进行语法验证，然后对颁发证书所依据的策略进行语义查看。这在一定程度上保证了要进行身份验证的人的身份是对所涉及的人的准确描述，并要求验证者指定他们信任谁以及他们信任他们做什么。用于指定这种信任的两种被广泛讨论的机制——PEM和PGP信任模型——从根本上不同的方向解决了这个问题。EC资助的ICE-TEL项目为欧洲研究社区部署了安全基础设施和应用程序集，描述了一种新的信任模型，该模型试图同样适用于以组织为中心的PEM用户和以用户为中心的PGP用户。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Trust models in ICE-TEL

Public key certification provides mechanisms that can be used to build truly scaleable security services, such as allowing people who have never met to have assurance of each other's identity. Authentication involves syntactic verification of a certificate chain followed by a semantic look at the policies under which the certificates were issued. This results in a level of assurance that the identity of the person to be authenticated is an accurate description of the person involved, and requires verifiers to specify who they trust and what they trust them to do. Two widely discussed mechanisms for specifying this trust, the PEM and PGP trust models, approach the problem from fundamentally different directions. The EC funded ICE-TEL project, which is deploying a security infrastructure and application set for the European research community, has described a new trust model that attempts to be equally applicable to organisation-centric PEM users and user-centric PGP users.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security

自引率

0.00%

发文量