Incorporation Of Certification Revocation And Time Concept Into A Trust Model For Information Security System

In large open networks, handling trust and authenticity adequately is an important prerequisite for security policy. Trust issues influence not only the specification of security policies but also the techniques needed to manage and implement security policies for systems. Certification is one of...

Bibliographic Details
Main Author: Azimzadeh, Fatemeh
Format: Thesis
Language: English
Published: 2007
Online Access: http://psasir.upm.edu.my/id/eprint/5268/1/FK_2007_55a.pdf
http://psasir.upm.edu.my/id/eprint/5268/
Institution: Universiti Putra Malaysia
id my.upm.eprints.5268
record_format eprints
spelling my.upm.eprints.5268 2013-05-27T07:21:36Z http://psasir.upm.edu.my/id/eprint/5268/ 2007 Thesis NonPeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/5268/1/FK_2007_55a.pdf Azimzadeh, Fatemeh (2007) Incorporation Of Certification Revocation And Time Concept Into A Trust Model For Information Security System. Masters thesis, Universiti Putra Malaysia. English
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
language English
description In large open networks, handling trust and authenticity adequately is an important prerequisite for security policy. Trust issues influence not only the specification of security policies but also the techniques needed to manage and implement security policies for systems. Certification is one of the main components of trust models and is known as a common mechanism for authentic public key distribution. In order to obtain a public key, verifiers need to extract a certificate path from a network of certificates, which is called the public key infrastructure (PKI). There are two classifications of PKI, namely the centralized and decentralized PKIs. In this thesis, attention is paid to the decentralized PKIs, such as Maurer’s model. This model comprises two parts: the deterministic and probabilistic models. An important limitation of this model is that certification revocation is not considered. Revocation happens in cases such as, among others, the loss of a private key. Another limitation of Maurer’s model is that it lacks time consideration, which is important as trust changes over time. In this thesis, a novel trust model is developed, addressing the limitations of other models. Negative values such as revocation of certification have been incorporated, making a complete trust model that includes both positive and negative evidence. In particular, certification is considered positive evidence while certification revocation is considered negative. The time concept is then added to the model in order to address the change of trust status over time. Hence, the complete trust model is able to incorporate certification revocation and the time concept into both the deterministic and probabilistic parts of the model. Incorporating two new concepts into Maurer’s model increases the generality and expressive power of the model. The novel extension of the trust model enables it to capture all aspects of public key certification, which include trust, recommendations, confidence values for the trust metric and authenticity of public keys, multiple certification paths, certification revocation and the time concept. Experimental results show that, after incorporating the new concept, a decrease in confidence value in comparison to Maurer’s model was observed, resulting in a more realistic model.
format Thesis
author Azimzadeh, Fatemeh
title Incorporation Of Certification Revocation And Time Concept Into A Trust Model For Information Security System
publishDate 2007
url http://psasir.upm.edu.my/id/eprint/5268/1/FK_2007_55a.pdf
http://psasir.upm.edu.my/id/eprint/5268/
_version_ 1643823139667312640