Trust Management for the World Wide Web
by
Yang-hua Chu
Submitted to the Department of Electrical Engineering and Computer Science
in Partial Fulfillment of the Requirements for the Degree of
Master of Engineering in Electrical Engineering and Computer Science
at the Massachusetts Institute of Technology
June 13, 1997
Copyright 1997 Yang-hua Chu. All rights reserved.
The author hereby grants to M.I.T. permission to reproduce and
distribute publicly paper and electronic copies of this thesis
and to grant others the rights to do so.
Author:
Department of Electrical Engineering and Computer Science
Certified by:
Dr. Joan Feigenbaum
Technology Consultant, AT&T Labs—Research
Certified by:
Dr. James S. Miller
Thesis Supervisor, Lecturer
Accepted by:
Professor Arthur C. Smith
Chairman, Department Committee on Graduate Thesis
ABSTRACT
Digital signatures alone are not sufficient for code signing and other Web applications: Signatures can solve the problems of message integrity and authentication, but they do not adequately address more general notions of security and trust. These applications require not only cryptographic tools for determining authenticity and message integrity but also a robust notion of "security policy" and a way to decide whether a request for action complies with a policy. For example, in a code-signing application, a user's security policy must state the properties that the code is required to have in order to be considered "safe" in the user's environment. Similarly, the entity signing the code must state precisely what properties he claims the code has.
My thesis will identify what trust management is in the context of the World Wide Web and propose a general architecture to close the gap between trust and cryptography. I will describe two specific languages for describing trust policies and a general mechanism for evaluating whether a request for action complies with policy.
Thesis Supervisor | Title | Affiliation
Dr. Joan Feigenbaum | Technology Consultant | AT&T Labs—Research
Dr. James S. Miller | Technology and Society Domain Leader | The World Wide Web Consortium, MIT Laboratory for Computer Science
ACKNOWLEDGEMENTS
First I thank my thesis supervisors, Dr. Joan Feigenbaum and Dr. Jim Miller. They were always ready to give me guidance and support when I encountered problems during my research and thesis writing. They also provided me invaluable opportunities to attend conferences and give presentations.
I was grateful to work with several talented researchers at AT&T Labs—Research, including Brian LaMacchia, Paul Resnick, and Martin Strauss. We co-developed REFEREE, which ultimately became the focus of my research and thesis work. Their enthusiasm and devotion to doing research made them inspiring role models.
Many thanks to the team members at the World Wide Web Consortium, where I spent the past year writing my thesis. Special thanks to the T&S team members Eui-suk Chung, Philip DesAutels, Rohit Khare, and Joseph Reagle. Their presence and encouragement make my daily work on the third floor of LCS fun and worthwhile. Special thanks to Philip, whom I spent a great deal of time with in the Digital Signature Initiative project, and Joseph, who lent me the thesis template.
Finally I have to thank my personal support team: my mom and dad, my brothers Yung-hua, Ching-hua, and Hao-hua, and my girlfriend Wendy. Although land and sea separated us most of the time, we were always connected deep in our hearts. Every bit of caring and encouragement was my most precious source of energy. There are no words that can express my gratitude to them.
Table of Contents
Trust Management for the World Wide Web
ABSTRACT
ACKNOWLEDGEMENTS
List of Figures and Tables
1 Introduction
2 Trust Management
3 Execution Environment
4 Policy Language
5 REFEREE Reference Implementation
6 Conclusion
Appendices
References
List of Figures and Tables
Figure 1 Trust Management Infrastructure
Figure 2 Dependency Graph of Trust Management Infrastructure Components
Figure 3 PICS in the Trust Management Infrastructure
Figure 4 X.509 in the Trust Management Infrastructure
Figure 5 PolicyMaker in the Trust Management Infrastructure
Figure 6 Authenticode in the Trust Management Infrastructure
Figure 7 Authenticode User Permission Interface
Figure 8 Configuring a List of Trusted Entities in Authenticode
Figure 9 Cool Game Download
Figure 10 A Snapshot of the Boston Globe Web Document
Figure 11 Flow chart for signing and verifying a digital signature
Figure 12 REFEREE External API
Figure 13 Sample block diagram of REFEREE internal structure
Figure 14 Required interface for every REFEREE module
Figure 15 Sample REFEREE Implementation
Figure 16 Jigsaw Proxy Architecture
Figure 17 Sample REFEREE Implementation
Table 1 A Sample Module Database
Table 2 Truth table for the and operator
Table 3 Truth Table for the or operator
Table 4 Truth Table for the not operator
Table 5 Truth Table for the true-if-unknown operator
Table 6 Truth Table for the false-if-unknown operator