Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security Protocols

Security Protocols 2012: Security Protocols XX pp 96–115Cite as

Street-Level Trust Semantics for Attribute Authentication

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7622))

Abstract

The problem of determining whether a receiver may safely accept attributes (e.g., identity, credentials, location) of unknown senders in various online social protocols is a special instance of a more general problem of establishing trust in interactive protocols. We introduce the notion of interactive trust protocols to illustrate the usefulness of social collateral in reducing the inherent trust asymmetry in large classes of online user interactions. We define a social collateral model that allows receivers to accept attributes from unknown senders based on explicit recommendations received from social relations. We use social collateral as a measure of both social relations and “tie strength” among individuals to provide different degrees of accountability when accepting attribute information from unknown senders. Our model is robust in the face of several specific attacks, such as impersonation and tie-strength-amplification attacks. Preliminary experiments with visualization of measured tie strength among users of a social network indicate that the model is usable by ordinary protocol participants.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Sophos Facebook ID Probe, http://www.sophos.com/pressoffice/news/articles/2007/08/facebook.html

  2. Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In: Proceedings of WWW (2009)

    Google Scholar 

  3. Economist. Duly notarised (September 2011), http://www.economist.com/blogs/babbage/2011/09/internet-security

  4. Edwards, J., Ogilvie, S.: Contract Enforcement, Institutions and Social Capital: the Maghribi Traders Reappraised. CSEIFO Working Paper (March 2008)

    Google Scholar 

  5. Friedkin, N.E.: A Test of Structural Features of Granovetter’s Strength of Weak Ties Theory. Social Networks (1980)

    Google Scholar 

  6. Gilbert, E., Karahalios, K.: Predicting Tie Strength With Social Media. In: Proceedings of the 27th ACM SIGCHI Conference on Human Factors in Computing Systems, CHI (2009)

    Google Scholar 

  7. Gilbert, E., Karahalios, K., Sandvig, C.: The Network in the Garden: An Empirical Analysis of Social Media in Rural Life. In: Proceedings of the 26th ACM SIGCHI Conference on Human Factors in Computing Systems, CHI (2008)

    Google Scholar 

  8. Gligor, V., Perrig, A., Zhao, J.: Brief Encounters with a Randomkey Graph. In: Proceedings of the 17th Security Protocols Workshop (April 2009)

    Google Scholar 

  9. Gligor, V.: Towards a Theory of Trust in Networks of Humans and Computers (Transcript of Discussion). In: Christianson, B., Crispo, B., Malcolm, J., Stajano, F. (eds.) Security Protocols 2011. LNCS, vol. 7114, pp. 243–257. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  10. Goldberg, J.: Making reputation work: re-examining law, labor and enforcement among Geniza businessmen. Before and Beyond Europe: Economic Change in Historical Perspective (Yale University) (February 2011)

    Google Scholar 

  11. Granovetter, M.S.: The Strength of Weak Ties. The American Journal of Socialogy (1973)

    Google Scholar 

  12. Grief, A.: Contract Enforceability and Economic Institutions in Early Trade: the Maghribi Traders Coalition. American Economic Review (June 1993)

    Google Scholar 

  13. Hamiel, N., Moyer, S.: Satan Is On My Friends List: Attacking Social Networks. In: Black Hat Conference (2008)

    Google Scholar 

  14. Hu, Q., Xu, Z., Dinev, T., Ling, H.: Does Deterrence Work in Reducing Information Security Policy Abuse by Employees? Communications of the ACM (2011)

    Google Scholar 

  15. Karlan, D., Mobius, M., Rosenblat, T., Szeidl, A.: Trust and Social Collateral. The Quarterly Journal of Economics (August 2009)

    Google Scholar 

  16. Kent, S.T., Millett, L.I. (eds.): Who Goes There? Authentication Through the Lens of Privacy. National Academies Press (2003)

    Google Scholar 

  17. Kim, T.H.-J., Bauer, L., Newsome, J., Perrig, A., Walker, J.: Challenges in access right assignment for secure home networks. In: Proceedings of the 5th USENIX Workshop on Hot Topics in Security, HotSec 2010 (2010)

    Google Scholar 

  18. Kim, T.H.-J., Yamada, A., Gligor, V., Hong, J.I., Perrig, A.: RelationGrams: Tie-Strength Visualization for User-Controlled Online Identity Authentication. Technical Report CMU-CyLab-11-014, Carnegie Mellon University (2011)

    Google Scholar 

  19. Krackhardt, D.: The Strength of Strong Ties: The Importance of Philos in Organizations. In: Nohria, N., Eccles, R. (eds.) Networks and Organizations: Structure, Form, and Action (1992)

    Google Scholar 

  20. Lin, N., Dayton, P.W., Greenwald, P.: Analyizing the Instrumental Use of Relations in the Context of Social Structure. Sociological Methods Research

    Google Scholar 

  21. Moore, A.P., Cappelli, D.M., Caron, T.C., Shaw, E., Spooner, D., Trzeciak, R.F.: A Preliminary Model of Insider Theft of Intellectual Property. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (2011)

    Google Scholar 

  22. Moore, A.P., Cappelli, D.M., Trzeciak, R.F.: The ”Big Picture” of Insider IT Sabotage Across U.S. Critical Infrastructures. Technical Report CMU/SEI-2008-TR-009, Carnegie Mellon University (2008)

    Google Scholar 

  23. Ryan, T.: Getting in Bed with Robin Sage. In: Black Hat Conference (2010)

    Google Scholar 

  24. Shi, X., Adamic, L.A., Strauss, M.J.: Networks of Strong Ties. Physica A: Statistical Mechanics and its Applications

    Google Scholar 

  25. Shneiderman, B.: Designing Trust into Online Experiences. Communications of the ACM (2000)

    Google Scholar 

  26. Stajano, F., Wilson, P.: Understanding Scam Victims: Seven Principles for Systems Security. Communications of the ACM (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Carnegie Mellon University, Pittsburgh, PA, 15213, USA

    Tiffany Hyun-Jin Kim, Virgil Gligor & Adrian Perrig

Authors
  1. Tiffany Hyun-Jin Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Virgil Gligor
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Adrian Perrig
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computer Science, University of Hertfordshire, AL10 9AB, Hatfield, UK

    Bruce Christianson

  2. Department of Computer Science, University of Hertfordshire, AL10 9AB, Hatfield, UK

    James Malcolm

  3. Computer Laboratory, University of Cambridge, 15 JJ Thomson Avenue, CB3 0FD, Cambridge, UK

    Frank Stajano  & Jonathan Anderson  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, T.HJ., Gligor, V., Perrig, A. (2012). Street-Level Trust Semantics for Attribute Authentication. In: Christianson, B., Malcolm, J., Stajano, F., Anderson, J. (eds) Security Protocols XX. Security Protocols 2012. Lecture Notes in Computer Science, vol 7622. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35694-0_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35694-0_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35693-3

  • Online ISBN: 978-3-642-35694-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation