Title :
Reasoning about trust and insurance in a public key infrastructure
Author :
Millen, Jonathan K. ; Wright, Rebecca N.
Author_Institution :
SRI Int., Menlo Park, CA, USA
Abstract :
In the real world, insurance is used to mitigate financial risk to individuals in many settings. Similarly, it has been suggested that insurance can be used in distributed systems, and in particular, in authentication procedures, to mitigate an individual´s risks there. We further explore the use of insurance for public-key certificates and other kinds of statements. We also describe an application using threshold cryptography in which insured keys would also have an auditor involved in any transaction using the key, allowing the insurer better control over its liability. We provide a formal yet simple insurance logic that can be used to deduce the amount of insurance associated with statements based on the insurance associated with related statements. Using the logic, we show how trust relationships and insurance can work together to provide confidence
Keywords :
distributed processing; formal logic; message authentication; public key cryptography; auditor; authentication procedures; distributed systems; insurance; insurance logic; liability; public key infrastructure; public-key certificates; threshold cryptography; trust; Authentication; Digital signatures; Government; Insurance; Logic; National electric code; Power generation; Protocols; Public key; Public key cryptography;
Conference_Titel :
Computer Security Foundations Workshop, 2000. CSFW-13. Proceedings. 13th IEEE
Conference_Location :
Cambridge
Print_ISBN :
0-7695-0671-2
DOI :
10.1109/CSFW.2000.856922
