Medina combining evidence to build trust
Download
1 / 8

Medina: Combining Evidence to Build Trust - PowerPoint PPT Presentation


  • 63 Views
  • Uploaded on

Medina: Combining Evidence to Build Trust. Reasoning about trust without onions. Johannes Helander Ben Zorn Microsoft Research May 23, 2007 Oakland, WSP07. A Second Look at Passwords. Not as strong as encryption would suggest Ad-hoc methodology Back-channels (e.g. password reset)

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Medina: Combining Evidence to Build Trust' - willoughby-roland


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Medina combining evidence to build trust

Medina: Combining Evidence to Build Trust

Reasoning about trust without onions.

Johannes Helander

Ben Zorn

Microsoft Research

May 23, 2007

Oakland, WSP07


A second look at passwords
A Second Look at Passwords

  • Not as strong as encryption would suggest

  • Ad-hoc methodology

  • Back-channels (e.g. password reset)

  • Reuse of passwords

  • Inconvenient to store

  • They just don’t work

(14) front door

(16) side door


Our formalism and passwords
Our Formalism and Passwords

  • allow = P(e1,e2,e3) = e1 | (e2 & e3)

    • e1 = knows password

    • e2 = has an email address registered with the account

    • e3 = can read email sent to that address

  • Stricter policy: allow = P2(e1,e2,e3,e4) = e4 & P1(e1,e2,e3)

    • e4 = is human

  • Boolean operation  will generalize

  • Interpretation of policies that combine evidence


Framework for reasoning about trust

Non-onion

Time decay & integration

Multiple sources of evidence

Imprecise data

Framework for reasoning about trust

HIP, puzzle, biometric, proximity

peer rating, knowledge quiz


Scenario sharing soccer picture @caf

Difficult with current mechanisms

USB stick, web page, email, IM, wireless

Virtual USB stick

Proximity, humanity, spoken word

Reflection of inter-human trust

Scenario: Sharing soccer picture @café


Scenario wiki access control
Scenario: Wiki access control

  • Quizzes

  • Ratings

  • edit1 = ((quiz1>70% & peer>50%) | passwdA) & HIP

  • edit2 = ((quiz2>90% & peer>75%) | passwdB) & HIP

  • read1 = anybody

  • read2 = (peer>20%) & HIP


Adaptive trust evaluation
Adaptive Trust Evaluation

  • Stochastic process?

  • Decay

  • Filters

  • Credit history

  • Suspicious activity


Status conclusions
Status & Conclusions

  • Take mechanisms that are now ad hoc & bring into formal system

  • Currently implementing prototype

  • Allows evolution of evaluation engine & underlying math


ad