Abstract
Online services fundamentally rely on identity management to secure and personalize their presence. Within identity management, attribute assurance techniques target correctness and validity of attributes. These properties are an essential foundation for service provisioning in digital businesses. A myriad of attribute assurance trust models has been published. However, a superior trust model from the various proposals has not been discriminated. Additionally, a profound assessment is challenging due to a missing general notation and approach. In this paper, we work towards the structural characteristics of a secure trust model. To achieve this, we analyze common elements of attribute assurance trust models and outline differentiating factors compared to other domains. Based on the key components, we propose a formal meta-framework to depict existing trust models. Using the framework, characteristics and security attacks of these trust schemes are elaborated. As an outcome, we can conclude that a secure trust model depends on an attack-resistant trust function that considers high trust values and several attestation issuers.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)
McKnight, D.H., Chervany, N.L.: The meanings of trust. University of Minnesota, Technical report. MISRC 9604 (1996)
Alexopoulos, N., Daubert, J., MĂ¼hlhäuser, M., Habib, S.M.: Beyond the hype: on using blockchains in trust management for authentication. In: 2017 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (Trustcom), pp. 546–553 (2017)
Gomi, H.: Authentication trust metric and assessment for federated identity management systems. IEICE Trans. Inf. Syst. 95(1), 29–37 (2012)
GrĂ¼ner, A., MĂ¼hle, A., Gayvoronskaya, T., Meinel, C.: A comparative analysis of trust requirements in decentralized identity management. In: 2019 International Conference on Advanced Information Networking and Applications (AINA), pp. 200–213 (2019)
Zimmermann, P.R.: The Official PGP User’s Guide. MIT Press, Cambridge (1995)
Internet Engineering Task Force. RFC 5280. internet x.509 public key infrastructure certificate and certificate revocation list (CRL) profile (2008). https://tools.ietf.org/html/rfc5280. Accessed 30 Dec 2020
GrĂ¼ner, A., MĂ¼hle, A., Meinig, M., Meinel, C.: A taxonomy of trust models for attribute assurance in identity management. In: 2020 Workshops of the 34th International Conference on Advanced Information Networking and Applications (WAINA), pp. 65–76 (2020)
Jøsang, A.: An algebra for assessing trust in certification chains. In: 1999 Network and Distributed Systems Symposium (NDSS) (1999)
Yang, W., Huang, C., Wang, B., Wang, T., Zhang, Z.: A general trust model based on trust algebra. In: 2009 International Conference on Multimedia Information Networking and Security (MINES), pp. 125–129 (2009)
Huang, J., Nicol, D.: A formal-semantics-based calculus of trust. IEEE Internet Comput. 14, 38–46 (2010)
Carbone, M., Nielsen, M., Sassone, V.: A formal model for trust in dynamic networks. In: First International Conference on Software Engineering and Formal Methods (SEFM), pp. 54–61 (2003)
Kinateder, M., Baschny, E., Rothermel, K.: Towards a generic trust model - comparison of various trust update algorithms. In: Third International Conference on Trust Management (iTrust), pp. 177–192 (2005)
Fragkakis, M., Alexandris, N.: Comparing the trust and security models of mobile agents. In: Third International Symposium on Information Assurance and Security (IAS), pp. 363–368 (2007)
Moyano, F., Fernandez-Gago, C., Lopez, J.: A conceptual framework for trust models. In: International Conference on Trust, Privacy and Security in Digital Business (TrustBus) 2012, pp. 93–104 (2012)
El Bakkali, H., Kaitouni, B.I.: A logic-based reasoning about PKI trust model. In: 6th IEEE International Symposium on Computers and Communications (ISCC), pp. 42–48 (2001)
El Bakkali, H., Kaitouni, B.I.: A predicate calculus logic for the PKI trust model analysis. In: IEEE International Symposium on Network Computing and Applications (NCA) 2001, pp. 368–371 (2001)
Yu, H., Jin, C., Che, H.: A description logic for PKI trust domain modeling. In: 3rd International Conference on Information Technology and Applications (ICITA), pp. 524–528 (2005)
Huang, J., Nicol, D.: A calculus of trust and its application to PKI and identity management. In: 8th International Symposium on Identity and Trust on the Internet (IDtrust), pp. 23–37 (2009)
Uahhabi, Z.E., Bakkali, H.E.: A comparative study of PKI trust models. In: 2014 IEEE International Conference on Next Generation Networks and Services (NGNS), pp. 255–261 (2014)
Maurer, U.: Modelling a public-key infrastructure. In: European Symposium on Research in Computer Security (ESORICS) 1996, pp. 325–350 (1996)
Marchesini, J., Smith, S.: Modeling public key infrastructures in the real world. In: European Public Key Infrastructure Workshop (EuroPKI) 2005, pp. 118–134 (2005)
Henderson, M., Coulter, R., Dawson, E., Okamoto, E.: Modelling trust structures for public key infrastructures. In: Australasian Conference on Information Security and Privacy (ACISP) 2002, pp. 56–70 (2002)
Ulrich, A., Holz, R., Hauck, P., Carle, G.: Investigating the OpenPGP web of trust. In: European Symposium on Research in Computer Security (ESORICS) 2011, pp. 489–507 (2011)
Chirita, P.-A., Nejdl, W., Schlosser, M., Scurtu, O.: Personalized reputation management in P2P networks. In: 2004 International Conference on Trust, Security, and Reputation on the Semantic Web (ISWC), pp. 32–41 (2004)
Ries, S., Habib, S.M., MĂ¼hlhäuser, M., Varadharajan, V.: Certainlogic: a logic for modeling trust and uncertainty. In: 4th International Conference on Trust and Trustworthy Computing (Trust), pp. 254–261 (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
GrĂ¼ner, A., Meinel, C. (2021). On the Structure and Assessment of Trust Models in Attribute Assurance. In: Barolli, L., Woungang, I., Enokido, T. (eds) Advanced Information Networking and Applications. AINA 2021. Lecture Notes in Networks and Systems, vol 227. Springer, Cham. https://doi.org/10.1007/978-3-030-75078-7_45
Download citation
DOI: https://doi.org/10.1007/978-3-030-75078-7_45
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-75077-0
Online ISBN: 978-3-030-75078-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)