Merging and Extending the PGP and PEM Trust Models - the ICE-TEL Trust Model

Chadwick, D.W. and Young, A.J. and Kapidzic Cicovic, N. (1997) Merging and Extending the PGP and PEM Trust Models - the ICE-TEL Trust Model. IEEE Networks Special Publication on Internet Security, 11 (3). pp. 16-24. ISSN 0890-8044 . (Full text available)

PDF
Download (137kB)
[img]
Preview

Abstract

The ICE-TEL project is a pan-European project that is building an Internet X.509 based certification infrastructure throughout Europe, plus several secure applications that will use it. This paper describes the trust model that is being implemented by the project. A trust model specifies the means by which a user may build trust in the assertion that a remote user is really who he purports to be (authentication) and that he does in fact have a right to access the service or information that he is requesting (authorization). The ICE-TEL trust model is based on a merging of and extensions to the existing Pretty Good Privacy (PGP) web of trust and Privacy Enhanced Mail (PEM) hierarchy of trust models, and is called a web of hierarchies trust model. The web of hierarchies model has significant advantages over both of the previous models, and these are highlighted here. The paper further describes the way that the trust model is enforced through some of the new extensions in the X.509 V3 certificates, and gives examples of its use in different scenarios.

Item Type: Article
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 26 Jul 2009 14:48
Last Modified: 06 Sep 2011 03:56
Resource URI: http://kar.kent.ac.uk/id/eprint/21507 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year