Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker

2017 ◽  
Vol 2017 ◽  
pp. 1-23 ◽  
Author(s):  
Ahmad Samer Wazan ◽  
Romain Laborde ◽  
David W. Chadwick ◽  
Francois Barrere ◽  
Abdelmalek Benzekri ◽  
...  

A Public Key Infrastructure (PKI) is considered one of the most important techniques used to propagate trust in authentication over the Internet. This technology is based on a trust model defined by the original X.509 (1988) standard and is composed of three entities: the certification authority (CA), the certificate holder (or subject), and the Relying Party (RP). The CA plays the role of a trusted third party between the certificate holder and the RP. In many use cases, this trust model has worked successfully. However, we argue that the application of this model on the Internet implies that web users need to depend on almost anyone in the world in order to use PKI technology. Thus, we believe that the current TLS system is not fit for purpose and must be revisited as a whole. In response, the latest draft edition of X.509 has proposed a new trust model by adding a new entity called the Trust Broker (TB). In this paper, we present an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates. This is related to the quality of the CA’s policies and procedures and its commitment to them. Finally, we present our Trust Broker implementation that demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.

2021 ◽  
Vol 5 (6) ◽  
pp. 1161-1170
Author(s):  
Valen Brata Pranaya ◽  
Theophilus Wellem

The validity of the routing advertisements sent by one router to another is essential for Internet connectivity. To perform routing exchanges between Autonomous Systems (AS) on the Internet, a protocol known as the Border Gateway Protocol (BGP) is used. One of the most common attacks on routers running BGP is prefix hijacking. This attack aims to disrupt connections between AS and divert routing to destinations that are not appropriate for crimes, such as fraud and data breach. One of the methods developed to prevent prefix hijacking is the Resource Public Key Infrastructure (RPKI). RPKI is a public key infrastructure (PKI) developed for BGP routing security on the Internet and can be used by routers to validate routing advertisements sent by their BGP peers. RPKI utilizes a digital certificate issued by the Certification Authority (CA) to validate the subnet in a routing advertisement. This study aims to implement BGP and RPKI using the Bird Internet Routing Daemon (BIRD). Simulation and implementation are carried out using the GNS3 simulator and a server that acts as the RPKI validator. Experiments were conducted using 4 AS, 7 routers, 1 server for BIRD, and 1 server for validators, and there were 26 invalid or unknown subnets advertised by 2 routers in the simulated topology. The experiment results show that the router can successfully validate the routing advertisement received from its BGP peer using RPKI. All invalid and unknown subnets are not forwarded to other routers in the AS where they are located, such that route hijacking is prevented.


2013 ◽  
Vol 401-403 ◽  
pp. 1792-1795 ◽  
Author(s):  
Tao Liu ◽  
Ya Wen Guan ◽  
Yi Qun Yan ◽  
Li Liu ◽  
Qi Chao Deng

Aimed at the security and privacy issues that restrict the construction and development of the Internet of Things, a WSN-oriented key agreement protocol for the Internet of Things (IOT) has been proposed. Trust management was introduced into the security mechanism of the IOT, and identity-based key agreement was realized using bilinear pairing technology. The protocol not only can effectively prevent attacks from outside the network but can also recognize abnormal nodes that have been captured or have lost efficacy. Thus it can reduce communication with abnormal nodes to improve network security, extending the lifetime of the network. The distributed, self-organizing key negotiation process, which needs no credible third-party management, can enhance the survivability of the IOT, and the network has good scalability.


2019 ◽  
Vol 15 (1) ◽  
pp. 155014771982582 ◽  
Author(s):  
Razi Iqbal ◽  
Talal Ashraf Butt ◽  
Muhammad Afzaal ◽  
Khaled Salah

The Internet of things is the next stage in the evolution of the Internet that is being materialized with the integration of billions of smart objects. The state-of-the-art communication technologies have enabled the previously isolated devices to become an active part of the Internet. This constant connectivity opens new avenues for novel applications such as the realization of social Internet of things and its subdomain the social Internet of vehicles. Socializing requires sharing of information that entails trust, especially in an open and broad social environment. This article highlights the key factors involved in conceptualizing an efficient trust model for social Internet of vehicles. Furthermore, it focuses on the unique challenges involved in designing the trust models for social Internet of vehicles. Several trust models exist in literature; however, most of the existing trust models are specific to their domains, for example, Internet of things, social Internet of things, or general vehicular networks. This article presents a brief review of the trust models that have the potential to be implemented in Social Internet of vehicles. Finally, the authors present an overview of how trending concepts and emerging technologies like blockchain and fog computing can assist in developing a trust-based social Internet of vehicles model for high-efficiency, decentralized architecture and dynamic nature of vehicular networks.


1999 ◽  
Vol 38 (02) ◽  
pp. 80-88 ◽  
Author(s):  
T. L. Diepgen ◽  
G. Eysenbach

Internet information undergoes no quality controls and virtually anybody can publish anything. Because of this, it is difficult for searchers to take information retrieved from the Internet at face value. A related problem is the uncontrolled promotion of medical products on the Internet. A further problem of today’s Internet is that authors use no uniform keywords and other descriptive labels, which deteriorates the quality of search results. A solution for all these problems could be widespread use of descriptive and evaluative metainformation associated with medical Internet information. Our concept is based on a recently established infrastructure for assigning metadata to Internet information, the so-called PICS Standard (Platform for Internet Content Selection). We prototyped a PICS-based rating vocabulary for medical information (med-PICS), containing descriptive and evaluative categories, to be used by the web author and third-party label services (such as medical associations), respectively. We propose an international effort to assign metadata to medical Internet information.


IoT ◽  
2021 ◽  
Vol 2 (3) ◽  
pp. 498-509
Author(s):  
Claudio Marche ◽  
Luigi Serreli ◽  
Michele Nitti

The Internet of Things (IoT) is transforming the world into an ecosystem of objects that communicate with each other to enrich our lives. The devices’ collaboration allows the creation of complex applications, where each object can provide one or more services needed for global benefit. The information moves to nodes in a peer-to-peer network, in which the concept of trustworthiness is essential. Trust and Reputation Models (TRMs) are developed with the goal of guaranteeing that actions taken by entities in a system reflect their trustworthiness values and to prevent these values from being manipulated by malicious entities. The cornerstone of any TRM is the ability to generate a coherent evaluation of the information received. Indeed, the feedback generated by the consumers of the services has a vital role as the source of any trust model. In this paper, we focus on the generation of the feedback and propose different metrics to evaluate it. Moreover, we illustrate a new collusive attack that influences the evaluation of the received services. Simulations with a real IoT dataset show the importance of feedback generation and the impact of the new proposed attack.


2021 ◽  
Vol 6 (4) ◽  
Author(s):  
Stephen A. Mogaji ◽  
Olaniyi A. Ayeni ◽  
Oluwaseun G. Fadare

Internet of Things (IoT) is a theory that embraces various objects and methods of communication to exchange information. Today, IoT is more a descriptive term of a vision that everything should be linked to the internet. Many as the advantages of IoT are, its uniqueness poses a new problem in establishing a trustworthy environment amid some of the items due to the lack of appropriate implementation machineries. However, some common network security measures are not adequate to preserve the integrity of information and services exchanged over the internet. As a result, they remain vulnerable to threats ranging from cyber-physical layer to social layer data management risks. IoT in smart environments interrelates with mobile ad hoc networks (MANET), becoming even more attractive and economically successful. This research proposes two different metric approaches, namely social trust metrics and Quality of Service, to evaluate the trustworthiness of IoT applications using MANET nodes, and designs trust metrics that are computed using multiple properties of trust and quality of service. A model would be designed and simulated in NS-2. The findings of the investigation into the evaluation of trustworthiness and network performance are presented. The proposed system model has 99.31% accuracy when there were 10% malicious nodes in the network. When the number of misbehaving nodes was increased to 50%, the accuracy level dropped to 98.75 percent, a difference of only 0.56%. The results show that the security and trustworthiness of the proposed system is an improvement over the existing models like the Collaborative Reputation (CORE) trust model and the Ant Based Evidence Distribution (trust) model. The proposed model can be used to address security challenges in a network environment. Keywords— Confidence, Honesty, IoT, MANET, QoS, Trustworthiness.


IoT ◽  
2021 ◽  
Vol 2 (1) ◽  
pp. 50-70
Author(s):  
Claudio Marche ◽  
Michele Nitti

The IoT is transforming the ordinary physical objects around us into an ecosystem of information that will enrich our lives. The key to this ecosystem is the cooperation among the devices, where things look for other things to provide composite services for the benefit of human beings. However, cooperation among nodes can only arise when nodes trust the information received by any other peer in the system. Previous efforts on trust were concentrated on proposing models and algorithms to manage the level of trustworthiness. In this paper, we focus on modelling the interaction between trustor and trustee in the IoT and on proposing guidelines to efficiently design trust management models. Simulations show the impacts of the proposed guidelines on a simple trust model.


2018 ◽  
Vol 2 (1) ◽  
pp. 63-69
Author(s):  
Muhammad Zarlis ◽  
Sherly Astuti ◽  
Muhammad Salamuddin

In education, scientific writing is a very important educational instrument. It requires information management skill; information management is a library search, which can be done through a computer and guided by the internet. It can also come through the quality of the reading used as a reference for scientific writing. In addition, producing a paper also requires knowing the management of writing: the writer is required not only to pay attention to the rules of standard language, but must also be able to convey ideas well and meet scientific criteria, such as making a quote or the reference list used. This paper was written with the aim of improving the quality of research through reading material, making notes and avoiding plagiarism, with references using the Harvard system for journals, books, and articles. It covers the management of citing articles from either CD or the internet, writing, editing, storing references electronically, and writing bibliographies and quotations.

