medina combining evidence to build trust
Download
Skip this Video
Download Presentation
Medina: Combining Evidence to Build Trust

Loading in 2 Seconds...

play fullscreen
1 / 8

Medina: Combining Evidence to Build Trust - PowerPoint PPT Presentation


  • 65 Views
  • Uploaded on

Medina: Combining Evidence to Build Trust. Reasoning about trust without onions. Johannes Helander Ben Zorn Microsoft Research May 23, 2007 Oakland, WSP07. A Second Look at Passwords. Not as strong as encryption would suggest Ad-hoc methodology Back-channels (e.g. password reset)

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Medina: Combining Evidence to Build Trust' - willoughby-roland


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
medina combining evidence to build trust

Medina: Combining Evidence to Build Trust

Reasoning about trust without onions.

Johannes Helander

Ben Zorn

Microsoft Research

May 23, 2007

Oakland, WSP07

a second look at passwords
A Second Look at Passwords
  • Not as strong as encryption would suggest
  • Ad-hoc methodology
  • Back-channels (e.g. password reset)
  • Reuse of passwords
  • Inconvenient to store
  • They just don’t work

(14) front door

(16) side door

our formalism and passwords
Our Formalism and Passwords
  • allow = P(e1,e2,e3) = e1 | (e2 & e3)
    • e1 = knows password
    • e2 = has an email address registered with the account
    • e3 = can read email sent to that address
  • Stricter policy: allow = P2(e1,e2,e3,e4) = e4 & P1(e1,e2,e3)
    • e4 = is human
  • Boolean operation  will generalize
  • Interpretation of policies that combine evidence
framework for reasoning about trust
Non-onion

Time decay & integration

Multiple sources of evidence

Imprecise data

Framework for reasoning about trust

HIP, puzzle, biometric, proximity

peer rating, knowledge quiz

scenario sharing soccer picture @caf
Difficult with current mechanisms

USB stick, web page, email, IM, wireless

Virtual USB stick

Proximity, humanity, spoken word

Reflection of inter-human trust

Scenario: Sharing soccer picture @café
scenario wiki access control
Scenario: Wiki access control
  • Quizzes
  • Ratings
  • edit1 = ((quiz1>70% & peer>50%) | passwdA) & HIP
  • edit2 = ((quiz2>90% & peer>75%) | passwdB) & HIP
  • read1 = anybody
  • read2 = (peer>20%) & HIP
adaptive trust evaluation
Adaptive Trust Evaluation
  • Stochastic process?
  • Decay
  • Filters
  • Credit history
  • Suspicious activity
status conclusions
Status & Conclusions
  • Take mechanisms that are now ad hoc & bring into formal system
  • Currently implementing prototype
  • Allows evolution of evaluation engine & underlying math
ad