Abstract
The problem of determining whether a receiver may safely accept attributes (e.g., identity, credentials, location) of unknown senders in various online social protocols is a special instance of a more general problem of establishing trust in interactive protocols. We introduce the notion of interactive trust protocols to illustrate the usefulness of social collateral in reducing the inherent trust asymmetry in large classes of online user interactions. We define a social collateral model that allows receivers to accept attributes from unknown senders based on explicit recommendations received from social relations. We use social collateral as a measure of both social relations and “tie strength” among individuals to provide different degrees of accountability when accepting attribute information from unknown senders. Our model is robust in the face of several specific attacks, such as impersonation and tie-strength-amplification attacks. Preliminary experiments with visualization of measured tie strength among users of a social network indicate that the model is usable by ordinary protocol participants.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sophos Facebook ID Probe, http://www.sophos.com/pressoffice/news/articles/2007/08/facebook.html
Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In: Proceedings of WWW (2009)
Economist. Duly notarised (September 2011), http://www.economist.com/blogs/babbage/2011/09/internet-security
Edwards, J., Ogilvie, S.: Contract Enforcement, Institutions and Social Capital: the Maghribi Traders Reappraised. CSEIFO Working Paper (March 2008)
Friedkin, N.E.: A Test of Structural Features of Granovetter’s Strength of Weak Ties Theory. Social Networks (1980)
Gilbert, E., Karahalios, K.: Predicting Tie Strength With Social Media. In: Proceedings of the 27th ACM SIGCHI Conference on Human Factors in Computing Systems, CHI (2009)
Gilbert, E., Karahalios, K., Sandvig, C.: The Network in the Garden: An Empirical Analysis of Social Media in Rural Life. In: Proceedings of the 26th ACM SIGCHI Conference on Human Factors in Computing Systems, CHI (2008)
Gligor, V., Perrig, A., Zhao, J.: Brief Encounters with a Randomkey Graph. In: Proceedings of the 17th Security Protocols Workshop (April 2009)
Gligor, V.: Towards a Theory of Trust in Networks of Humans and Computers (Transcript of Discussion). In: Christianson, B., Crispo, B., Malcolm, J., Stajano, F. (eds.) Security Protocols 2011. LNCS, vol. 7114, pp. 243–257. Springer, Heidelberg (2011)
Goldberg, J.: Making reputation work: re-examining law, labor and enforcement among Geniza businessmen. Before and Beyond Europe: Economic Change in Historical Perspective (Yale University) (February 2011)
Granovetter, M.S.: The Strength of Weak Ties. The American Journal of Socialogy (1973)
Grief, A.: Contract Enforceability and Economic Institutions in Early Trade: the Maghribi Traders Coalition. American Economic Review (June 1993)
Hamiel, N., Moyer, S.: Satan Is On My Friends List: Attacking Social Networks. In: Black Hat Conference (2008)
Hu, Q., Xu, Z., Dinev, T., Ling, H.: Does Deterrence Work in Reducing Information Security Policy Abuse by Employees? Communications of the ACM (2011)
Karlan, D., Mobius, M., Rosenblat, T., Szeidl, A.: Trust and Social Collateral. The Quarterly Journal of Economics (August 2009)
Kent, S.T., Millett, L.I. (eds.): Who Goes There? Authentication Through the Lens of Privacy. National Academies Press (2003)
Kim, T.H.-J., Bauer, L., Newsome, J., Perrig, A., Walker, J.: Challenges in access right assignment for secure home networks. In: Proceedings of the 5th USENIX Workshop on Hot Topics in Security, HotSec 2010 (2010)
Kim, T.H.-J., Yamada, A., Gligor, V., Hong, J.I., Perrig, A.: RelationGrams: Tie-Strength Visualization for User-Controlled Online Identity Authentication. Technical Report CMU-CyLab-11-014, Carnegie Mellon University (2011)
Krackhardt, D.: The Strength of Strong Ties: The Importance of Philos in Organizations. In: Nohria, N., Eccles, R. (eds.) Networks and Organizations: Structure, Form, and Action (1992)
Lin, N., Dayton, P.W., Greenwald, P.: Analyizing the Instrumental Use of Relations in the Context of Social Structure. Sociological Methods Research
Moore, A.P., Cappelli, D.M., Caron, T.C., Shaw, E., Spooner, D., Trzeciak, R.F.: A Preliminary Model of Insider Theft of Intellectual Property. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (2011)
Moore, A.P., Cappelli, D.M., Trzeciak, R.F.: The ”Big Picture” of Insider IT Sabotage Across U.S. Critical Infrastructures. Technical Report CMU/SEI-2008-TR-009, Carnegie Mellon University (2008)
Ryan, T.: Getting in Bed with Robin Sage. In: Black Hat Conference (2010)
Shi, X., Adamic, L.A., Strauss, M.J.: Networks of Strong Ties. Physica A: Statistical Mechanics and its Applications
Shneiderman, B.: Designing Trust into Online Experiences. Communications of the ACM (2000)
Stajano, F., Wilson, P.: Understanding Scam Victims: Seven Principles for Systems Security. Communications of the ACM (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, T.HJ., Gligor, V., Perrig, A. (2012). Street-Level Trust Semantics for Attribute Authentication. In: Christianson, B., Malcolm, J., Stajano, F., Anderson, J. (eds) Security Protocols XX. Security Protocols 2012. Lecture Notes in Computer Science, vol 7622. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35694-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-35694-0_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35693-3
Online ISBN: 978-3-642-35694-0
eBook Packages: Computer ScienceComputer Science (R0)