Incorporation Of Certification Revocation And Time Concept Into A Trust Model For Information Security System

Azimzadeh, Fatemeh (2007) Incorporation Of Certification Revocation And Time Concept Into A Trust Model For Information Security System. Masters thesis, Universiti Putra Malaysia.

[img] PDF
330Kb

Abstract

In large open networks, handling trust and authenticity adequately is an important prerequisite for security policy. Trust issues influence not only the specification of security policies but also the techniques needed to manage and implement security policies for systems. Certification is one of the main components of trust models and is known as a common mechanism for authentic public key distribution. In order to obtain a public key, verifiers need to extract a certificate path from a network of certificates, which is called the public key infrastructure (PKI). There are two classifications of PKI; namely the centralized and decentralized PKIs. In this thesis, attention is paid the decentralized PKIs, such as Maurer’s model. This model is comprised of two parts; the deterministic and probabilistic models. An important limitation in this model is that certification revocation is not considered. Revocation happens in cases, among others, such as the loss of private key. Another limitation of Maurer’s model is that it lacks time consideration, which is important as trust changes over time. In this thesis, a novel trust model is developed, addressing the limitations of other models. Negative values such as revocation of certification have been incorporated, making a complete trust model that includes both positive and negative evidences. Particularly, certification is considered as positive evidence while certification revocation is considered negative. The time concept is then added to the model in order to address the change of trusts status over time. Hence, the complete trust model is able to incorporate certification revocation and time concept into both deterministic and probabilistic parts of a model. Incorporating two new concepts into Maurer’s model increases the generality and expressive power of the model. Novel extension of the trust model enabling it to capture all aspects of public key certification which includes trust, recommendations, confidence values for trust metric and authenticity of public keys, multiple certification paths, certification revocation and the time concept. Experimental results show that after incorporating the new concept, a decrease in confidence value in comparison to Maurer’s model was observed, resulting to a more realistic model.

Item Type:Thesis (Masters)
Subject:Trust, Industrial
Subject:Security systems
Chairman Supervisor:Professor Borhanuddin Mohd. Ali, PhD
Call Number:FK 2007 55
Faculty or Institute:Faculty of Engineering
ID Code:5268
Deposited By: Nurul Hayatie Hashim
Deposited On:08 Apr 2010 01:28
Last Modified:27 May 2013 07:21

Repository Staff Only: item control page

Document Download Statistics

This item has been downloaded for since 08 Apr 2010 01:28.

View statistics for "Incorporation Of Certification Revocation And Time Concept Into A Trust Model For Information Security System"


Universiti Putra Malaysia Institutional Repository

Universiti Putra Malaysia Institutional Repository is an on-line digital archive that serves as a central collection and storage of scientific information and research at the Universiti Putra Malaysia.

Currently, the collections deposited in the IR consists of Master and PhD theses, Master and PhD Project Report, Journal Articles, Journal Bulletins, Conference Papers, UPM News, Newspaper Cuttings, Patents and Inaugural Lectures.

As the policy of the university does not permit users to view thesis in full text, access is only given to the first 24 pages only.