4 - Trust management
Published online by Cambridge University Press: 26 February 2010
Summary
The previous chapters discussed mandatory security requirements, which include confidentiality, authentication, integrity, and non-repudiation. These, in turn, require some form of cryptography, certificates, and signatures. Some other security-related mechanisms include user authentication, explicit transaction authorization, end-to-end encryption, accepted log-on security (biometrics) instead of separate personal identification numbers (PINs) and passwords, intrusion detection, access control, logging, and audit trail. In this chapter, I present some of the security schemes that govern trust among the communicating entities. Governance of the trust can be based on principles and practices of key management in distributed networks or other means such as authentication. Additionally, this chapter discusses several well known methods that are related to key management and authentication.
The resurrecting duckling
The resurrecting duckling security model [1] has been developed to solve the secure transient association problem. An example of this would be when a person buying a remote control would not want any other person to be able to use another remote control bought at the same shop to work at his place, but then the remote control has to work for some other person who might buy it from the first owner. Like a duckling, who considers the first moving object it sees to be its mother, in the same way a device would recognize the first entity that sends it a secret key as its owner. When necessary, the owner could later clear the imprinting and let the device change its owner.
- Type
- Chapter
- Information
- Publisher: Cambridge University PressPrint publication year: 2008