|
Reasoning About Trust and Insurance in a Public Key Infrastructure
by J. Millen and R. Wright.
From 13th IEEE Computer Security Foundations Workshop. IEEE Computer Society. July, 2000. Pages 1622.
Abstract
In the real world, insurance is used to mitigate financial risk to individuals in many settings.
Similarly, it has been suggested that insurance can be used in distributed systems, and in
particular, in authentication procedures, to mitigate individual's risks there. In this paper, we
further explore the use of insurance for public-key certificates and other kinds of
statements. We also describe an application using threshold cryptography in which insured
keys would also have an auditor involved in any transaction using the key, allowing the
insurer better control over its liability. We provide a formal yet simple insurance logic that
can be used to deduce the amount of insurance associated with statements based on the
insurance associated with related statements. Using the logic, we show how trust
relationships and insurance can work together to provide confidence.
BibTEX Entry
@inproceedings{insurance,
AUTHOR = {{J.} Millen and {R.} Wright},
TITLE = {Reasoning About Trust and Insurance in a Public Key Infrastructure},
BOOKTITLE = {13th {IEEE} Computer Security Foundations Workshop},
YEAR = {2000},
PAGES = {16--22},
MONTH = {july},
ORGANIZATION = {{IEEE} Computer Society},
URL = {http://www.csl.sri.com/papers/insurance/}
}
Files
|
|