Community Research and Development Information Service - CORDIS

FP5

PACWOMAN Report Summary

Project ID: IST-2001-34157
Funded under: FP5-IST
Country: Greece

Trust management in networks of trust

Trust management is becoming a necessity for a large variety of groups of IP-interconnected devices. Networked devices, both wireless and fixed and sometimes heterogeneous, create an internet grid capable of sharing services for the benefit of users. Sensors, mobile phones, media centres, home equipment including white goods, along with mainstream devices such as PDAs, laptops, desktops and public servers, are examples of providers and consumers of services. The problem of ownership and trust within and between such groups is becoming a crucial factor; networks should now be identified on the basis of trust rather than on physical or other connectivity criteria.

A Network of Trust (NT) can be any set of IP networked devices identified on the basis of a certificate signed by an owner. In an offline manner, the originator and owner of a NT:
- (a) Creates a root key-pair consisting of a public and a private key,

- (b) Creates a root certificate,

- (c) Signs the certificates of all devices to be included in the NT with the root private key, and

- (d) Stores the private root key in a secure place under his responsibility.

An IP networked device presenting a certificate signed by the root private key has as owner the issuer of the root certificate and is said to belong to a Network of Trust (NT).

Within a set of IP networked devices we can distinguish:
- The home NT, consisting of all devices presenting a certificate signed by the owner of this NT.

- One or several foreign NTs. A foreign NT consists of devices on which a foreign owner has conducted steps (a) to (d) with his own root key-pair, and this foreign owner is trusted by the owner of the home NT.

- Any number of (un-trusted) devices not being able to present any certificate signed either by the owner of the home NT or by any trusted owner of a foreign NT.

TruMan is a centralized solution regarding Trust Management within and across NTs; it enables the formation of a NT as well as its operation in an environment of trust. TruMan relies on a dynamically configurable Trust Manager (TM) that is able to enforce authentication and authorization of IP networked devices. The role of the manager is to authenticate devices newly entering the domain of concern, distribute state information and maintain the trusted presence of these devices under various modes of trust.
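The following Go program is an added illustration of the NT model described above (steps (a) to (d) and the home / foreign / untrusted classification); it is not code from the PACWOMAN project or from TruMan. It models an owner with standard X.509 certificates and Ed25519 keys, which is an assumption: the summary does not state which certificate format or algorithm the project used. Owner names, device names and the `Classify` verdict names are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Owner models the originator of one Network of Trust: the root key-pair (step a)
// and the self-signed root certificate (step b). The root private key stays inside
// this struct only for the demo; step (d) requires it to be kept offline.
type Owner struct {
	Name       string
	RootCert   *x509.Certificate
	rootPriv   ed25519.PrivateKey
	nextSerial int64
}

// issue signs tmpl with signer on behalf of parent and returns the parsed certificate.
func issue(tmpl, parent *x509.Certificate, pub ed25519.PublicKey, signer ed25519.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewOwner performs steps (a) and (b): generate a root key-pair, then self-sign a root certificate.
func NewOwner(name string) (*Owner, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name + " NT root"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	root, err := issue(tmpl, tmpl, pub, priv) // template is its own parent: self-signed
	if err != nil {
		return nil, err
	}
	return &Owner{Name: name, RootCert: root, rootPriv: priv, nextSerial: 2}, nil
}

// IssueDevice performs step (c) for one device: its certificate is signed with the
// owner's root private key. The device key-pair is generated here for brevity; the
// device private key is discarded because only the certificate matters for membership.
func (o *Owner) IssueDevice(deviceName string) (*x509.Certificate, error) {
	pub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(o.nextSerial),
		Subject:      pkix.Name{CommonName: deviceName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	o.nextSerial++
	return issue(tmpl, o.RootCert, pub, o.rootPriv)
}

// TrustClass is the verdict for a device presenting a certificate.
type TrustClass int

const (
	Untrusted TrustClass = iota // no chain to the home root or to any trusted foreign root
	HomeNT                      // signed by the home owner's root key
	ForeignNT                   // signed by the root key of an owner the home owner trusts
)

func (c TrustClass) String() string { return [...]string{"untrusted", "home NT", "foreign NT"}[c] }

// chainsTo reports whether dev carries a valid signature chain ending at root.
func chainsTo(dev, root *x509.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := dev.Verify(x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err == nil
}

// Classify places a presented certificate into the home NT, a trusted foreign NT or the
// untrusted remainder, using only the root certificates the home owner has chosen to trust.
func Classify(dev *x509.Certificate, home *Owner, trustedForeign []*Owner) TrustClass {
	if chainsTo(dev, home.RootCert) {
		return HomeNT
	}
	for _, f := range trustedForeign {
		if chainsTo(dev, f.RootCert) {
			return ForeignNT
		}
	}
	return Untrusted
}

func main() {
	home, _ := NewOwner("alice")
	friend, _ := NewOwner("bob")
	stranger, _ := NewOwner("carol") // an owner alice has not chosen to trust
	fridge, _ := home.IssueDevice("alice-fridge")
	laptop, _ := friend.IssueDevice("bob-laptop")
	sensor, _ := stranger.IssueDevice("carol-sensor")
	for _, dev := range []*x509.Certificate{fridge, laptop, sensor} {
		fmt.Printf("%-14s -> %s\n", dev.Subject.CommonName, Classify(dev, home, []*Owner{friend}))
	}
}
```

The point the example makes is that membership is decided purely by which root signed the presented certificate: the same sensor certificate moves from "untrusted" to "foreign NT" the moment the home owner adds carol's root to the trusted list, with no change on the device itself. A real Trust Manager would additionally require the device to prove possession of its private key (for example through TLS client authentication) and would check revocation; neither is shown here.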


Reported by

ICCS-NTUA
Heroon Polytechniou 9, Zografou
157 73 Athens
Greece