1 / 11

Trust and the Public Key Infrastructure (PKI)

Trust and the Public Key Infrastructure (PKI). Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001. Outlines. Security on Current Internet What is PKI? Structures and Models Weaknesses and Right PKI Trustworthiness in open network. Security on Internet.

gardenia
Download Presentation

Trust and the Public Key Infrastructure (PKI)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Trust and the Public Key Infrastructure (PKI) Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001

  2. Outlines • Security on Current Internet • What is PKI? • Structures and Models • Weaknesses and Right PKI • Trustworthiness in open network Computer Security

  3. Security on Internet • Internet is cloud of connection • User is responsible for everything • E-commerce and B2B grow rapidly • Needs framework to exchange data and money securely and privately Computer Security

  4. Public Key Infrastructure CA Alice’s public key Bob’s public key Alice Bob Privacy: Bob’s public key Authentication: Alice’s private key Computer Security

  5. Structures and Models • Hierarchical structure: X.509 • Pretty Good Privacy • Virtual Private Network • Secure connection over the phone line. • Network service provider & Hardware vender • Authentication, Encryption, Tunneling, Access Control Computer Security

  6. Weakness • Security is as strong as weakest link • User computer is not safe: Private key • Hacker use Root certificate • RA (certificate content) - CA link is very weak. Computer Security

  7. Right PKI • Choose the right structure • B2B, B need Hierarchical structure: X.509 • Right Implementation • Stochastic, security policy management prevent reliability failure and low level penatration • Right Choice of PKI Structure prevent malicious attack Computer Security

  8. Valuation of Trust(Thomas Beth, Malte Borcherding, Birgit Klein) • Direct and Recommended Trust • Trust Value • Deriving Trust Relationships • Combination of Trust Values • Use: entrust task worth 100 unit, risk 49 unit. Computer Security

  9. Secure communication in an unknown network(M. Burmester and Y. Desmedt) • Structure of trust graph is not known except attacker • Using query flood, get neighbor list. • Label the vertexes • Get a good approximation of the trust graph Computer Security

  10. Reference • Which PKI (Public Key Infrastructure) is the right one? -- Carlisle Adams, Mike Burmester, Yvo Desmedt (2000) • Valuation of Trust in Open Networks -- Thomas Beth, Malte Borcherding, Birgit Klein (1994) • Secure communication in an unknownnetwork using certificates. -- M. Burmester and Y. Desmedt. (1999) • Ten Risks of PKI: What you’re not being told about Public Key Infrastructure. -- Carl Ellison, Bruce Schneier (2000) • Security in Computing, 2nd -- Charles P. Pfleeger Computer Security

  11. Reference Con’t • A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. -- Rivest, R. L., Shamir, A., and Adleman, L. (1978). • SPKI/SDSI 2.0 A Simple Distributed Security Infrastructure -- Ronald L. Rivest (1997) • Virtual Private Networks -- Cris Banson (1999) • What is a VPN? -- Paul Ferguson, Geoff Huston (1998) Computer Security

More Related