Abstract
Current PKI-based email systems (such as X.509 S/MIME and PGP/ MIME) potentially enable a recipient to determine a name and organizational affiliation of the sender. This information can suffice for a trust decision when the recipient already knows the sender—but how can a recipient decide whether or not trust email from a new correspondent? Current systems are not expressive enough to capture the real ways that trust flows in these sorts of scenarios. To solve this problem, we begin by applying concepts from social science research to a variety of such cases from interesting application domains; primarily, crisis management in the North American power grid. We have examined transcripts of telephone calls made between grid management personnel during the August 2003 North American blackout and extracted several different classes of trust flows from these real-world scenarios. Combining this knowledge with some design patterns from HCISEC, we develop criteria for a system that will enable humans apply these same methods of trust-building in the digital world. We then present the design and prototype of Attribute-Based, Usefully Secure Email (ABUSE)—and present experimental evaluation showing that it solves the problem.
This paper is based on the first author’s Ph.D. dissertation [1]; a preliminary design report appeared as [2]. This research was supported in part by the NSF under grants CNS-0448499 and CNS-0524695; views and conclusions do not represent those of the sponsors.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Masone, C.: Attribute-Based, Usefully Secure Email. PhD thesis, Dartmouth College (August 2008)
Masone, C., Smith, S.: Towards usefully secure email. IEEE Technology and Society Magazine, Special Issue on Security and Usability (March 2007)
Smith, S.W., Masone, C., Sinclair, S.: Expressing trust in distributed systems: the mismatch between tools and reality. In: Forty-Second Annual Allerton Conference on Privacy, Security and Trust, September 2004, pp. 29–39 (2004)
Ilic, M., Galiana, F., Fink, L. (eds.): Power Systems Restructuring: Engineering and Economics. Power Electronics and Power Systems Series, vol. 11. Kluwer Academic Publishers, Massachusettes (1998)
U.S. House Committee on Energy and Commerce: Blackout 2003: How did it happen and why, Telephone transcripts from MISO (September 2003), http://energycommerce.house.gov/108/hearings/09032003Hearing1061/hearing.htm#docs
Ramsdell, B.: Secure/Multipurpose Internet Mail Extensions (S/MIME) version 3.1 message specification. RFC 3851 (July 2004)
Ramsdell, B.: Secure/Multipurpose Internet Mail Extensions (S/MIME) version 3.1 certificate handling. RFC 3850 (July 2004)
Cooper, D., Santesson, S., Farrell, S., Boeyan, S., Housley, R., Polk, W.: Internet X.509 Public Key Infrastructure Certificate and CRL Profile. RFC 5280 (2008)
Kuhn, D.R., Hu, V.C., Polk, W.T., Chang, S.J.: Introduction to public key technology and the federal PKI infrastructure (February 2001), http://www.csrc.nist.gov/publications/nistpubs/800-32/sp800-32.pdf
Nielsen, R.: Observations from the deployment of a large scale PKI. In: Neuman, C., Hastings, N.E., Polk, W.T. (eds.) 4th Annual PKI R&D Workshop, NIST, August 2005, pp. 159–165 (2005)
Zucker, L.G.: Production of trust: Institutional sources of economic structure, 1840–1920. In: Research in Organizational Behavior, vol. 8, pp. 53–111. JAI Press Inc. (1986)
Bobba, R., Fatemieh, O., Khan, F., Gunter, C.A., Khurana, H.: Using attribute-based access control to enable attribute-based messaging. In: ACSAC 2006, pp. 403–413. IEEE Computer Society, Washington (2006)
Zurko, M.E.: Lotus notes/domino: Embedding security in collaborative applications. In: Cranor, L., Garfinkel, S. (eds.) Usability & Security. O’Reilly, Sebastopol (2005)
Moromisato, G., Boyd, P., Asthagiri, N.: Achieving usable security in Groove Virtual Office. In: Cranor, L., Garfinkel, S. (eds.) Usability & Security. O’Reilly, Sebastopol (2005)
Li, N., Grosof, B.N., Figenbaum, J.: Delegation logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security (TISSEC) 6(1), 128–171 (2003)
Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, May 2002, IEEE Computer Society Press, Los Alamitos (2002)
Li, N., Mitchell, J.C.: RT: A role-based trust-management framework. In: Proceedings of The Third DARPA Information Survivability Conference and Exposition (DISCEX III), April 2003, pp. 201–212. IEEE Computer Society Press, Los Alamitos (2003)
Li, N., Mitchell, J.C., Winsborough, W.H.: Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM 52(3) (May 2005)
Jim, T.: Sd3: A trust management system with certified evaluation. In: SP 2001: Proceedings of the 2001 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 106. IEEE Computer Society Press, Los Alamitos (2001)
Herzberg, A., Mass, Y., Michaeli, J., Naor, D., Ravid, Y.: Access control meets public key infrastructure, or: Assigning roles to strangers. In: Proceedings of IEEE Symposium on Security and Privacy, May 2000, pp. 2–14 (2000)
Blaze, M., Figenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote trust-management system version 2. RFC 2704 (September 1999)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of IEEE Symposium on Security and Privacy, May 1996, pp. 164–173 (1996)
Chu, Y.H., Feigenbaum, J., LaMacchia, B., Resnick, P., Strauss, M.: REFEREE: Trust management for Web applications. Computer Networks and ISDN Systems 29(8–13), 953–964 (1997)
Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization. RFC 3281 (2002)
Tuecke, S., Welch, V., Engert, D., Pearlman, L., Thompson, M.: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile. RFC 3820 (2004)
Welch, V., Foster, I., Kesselman, C., Mulmo, O., Pearlman, L., Tuecke, S., Gawor, J., Meder, S., Siebenlist, F.: X.509 Proxy Certificates for Dynamic Delegation. In: Proceedings of 3rd Annual PKI R&D Workshop, NIST/Internet2/NIH, pp. 31–47 (2004)
Goffee, N., Kim, S., Smith, S., Taylor, W., Zhao, M., Marchesini, J.: Greenpass: Decentralized, PKI-based Authorization for Wireless LANs. In: Proceedings of 3rd Annual PKI R&D Workshop, NIST/NIH/Internet2 (April 2004)
OpenSSL: The Open Source toolkit for SSL/TLS, http://www.openssl.org
NSS: Network Security Services, http://www.mozilla.org/projects/security/pki/nss/
Garfinkel, S.: Design Principles and Patterns for Computer Systems That Are Simultaneously Secure and Usable. PhD thesis, Massachusetts Institute of Technology (2005)
Dodd, B.: Ameren. personal communication (October 15, 2007)
Garfinkel, S.L., Miller, R.C.: Johnny 2: a user test of key continuity management with s/mime and outlook express. In: SOUPS 2005: Proceedings of the 2005 symposium on Usable privacy and security, pp. 13–24. ACM, New York (2005)
Whitten, A., Tygar, J.: Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In: 8th USENIX Security Symposium, pp. 169–184 (1999)
Schweitzer, S.: Parties call foul over N. H. phone-jamming suit. The Boston Globe (October 23, 2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Masone, C., Smith, S.W. (2010). ABUSE: PKI for Real-World Email Trust. In: Martinelli, F., Preneel, B. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2009. Lecture Notes in Computer Science, vol 6391. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16441-5_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-16441-5_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16440-8
Online ISBN: 978-3-642-16441-5
eBook Packages: Computer ScienceComputer Science (R0)