Authentication Metric Analysis and Design推荐.pdfVIP

© ACM, 1999. This is the authors version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version is available at /10.1145/317087.317088. Authentication Metric Analysis and Design MICHAEL K. REITER Bell Laboratories, Lucent Technologies and STUART G. STUBBLEBINE CertCo Authentication using a path of trusted intermediaries, each able to authenticate the next in the path, is a well-known technique for authenticating entities in a large-scale system. Recent work has extended this technique to include multiple paths in an effort to bolster authentica- tion, but the success of this approach may be unclear in the face of intersecting paths, ambiguities in the meaning of certificates, and interdependencies in the use of different keys. Thus, several authors have proposed metrics to evaluate the confidence afforded by a set of paths. In this paper we develop a set of guiding principles for the design of such metrics. We motivate our principles by showing how previous approaches failed with respect to these priniciples and what the consequences to authentication might be. We then propose a new metric that appears to meet our principles, and so to be a satisfactory metric of authentication. Categories and Subject Descriptors: D.4.6 [Operating Systems]: Security and Protection— Authentication ; K.6.5 [Management of Computing and Information Systems]: Security and Protection—Authentication General Terms: Measurement, Security Additional Key Words and Phrases: Public key infrastructure, metrics of authentication 1. INTRODUCTION Determining the owner of a public k