7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick...
-
Upload
brian-webb -
Category
Documents
-
view
216 -
download
0
Transcript of 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick...
![Page 1: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/1.jpg)
7 October 1998 © 1998 University of Salford 1
Intelligent Computation of Trust
David W Chadwick
![Page 2: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/2.jpg)
7 October 1998 © 1998 University of Salford 2
Scenario
• You receive a digitally signed email message inviting you to a research meeting in Brussels, saying that the EC will pay all your travelling expenses and give you 110 ecus subsistence for the day
• The SMTP from field is [email protected]
• Digital signature computes
![Page 3: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/3.jpg)
7 October 1998 © 1998 University of Salford 3
What do you do?
• trust the message and book your air ticket
• distrust the message and phone Peter up to confirm
• do some further checking
![Page 4: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/4.jpg)
7 October 1998 © 1998 University of Salford 4
![Page 5: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/5.jpg)
7 October 1998 © 1998 University of Salford 5
Now do you trust the message?
• Not unless you know and trust the Certs-R-Us Certification Authority
• Assuming you don’t know it, how do you if it is a trustworthy CA?
• Download its Certification Practice Statement and read it
![Page 6: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/6.jpg)
7 October 1998 © 1998 University of Salford 6
The CPS
• You download the CPS
• You don’t understand it
• What do you do now?
• You need help
CPS
![Page 7: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/7.jpg)
7 October 1998 © 1998 University of Salford 7
INTERNET
ExpertTrust Quotient
CalculatorUser 2(Message Recipient)
RelyingParty
User 1’sCA’s Policy &
CPS
User 1(Message Sender)
CertifiedParty
Intelligent Computation of Trust - The Participants -
![Page 8: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/8.jpg)
7 October 1998 © 1998 University of Salford 8
TTP’sPolicy
andCPS
ExpertTrust Quotient
Calculator
Verbose Client
Mode of Operation - Method 1
![Page 9: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/9.jpg)
7 October 1998 © 1998 University of Salford 9
TTP’sPolicy
andCPS
ExpertTrust Quotient
Calculator
StructuredPolicy/CPS
Automatic Client
Mode of Operation - Method 2
![Page 10: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/10.jpg)
7 October 1998 © 1998 University of Salford 10
Creating the Trust Quotient Calculator
• A probablistic inference net has been built
• Using the ISTAR KBS developed at Salford University by Andrew Basden
• Initial nodes determined by reference to Chokani and Ford’s CPS Framework (PKIX Part 4)
![Page 11: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/11.jpg)
7 October 1998 © 1998 University of Salford 11
![Page 12: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/12.jpg)
7 October 1998 © 1998 University of Salford 12
Building Knowledge into the Inference Net
• Knowledge Poor Domain :-(
• Developed a questionnaire
• Now need to interview experts in the field of Public Key Infrastructures
• Feed their answers into the Net
• Try to gain some overall consensus of trust in the relevant elements
![Page 13: 7 October 1998© 1998 University of Salford1 Intelligent Computation of Trust David W Chadwick d.w.chadwick@iti.salford.ac.uk.](https://reader035.fdocuments.us/reader035/viewer/2022062409/5697c0301a28abf838cdaf0b/html5/thumbnails/13.jpg)
7 October 1998 © 1998 University of Salford 13
Longer Term
• Check that the CA actually abides by its own CPS
• By retrieving objects from the Internet and comparing them to the CPS– e.g. download the CRL at look at its timestamp