UTILIZING SOCIAL NETWORKING PLATFORMS TO SUPPORT PUBLIC KEY INFRASTRUCTURES

Volker Gruhn, Malte Hülder, Vincent Wolff-Marting

Abstract

Although public key infrastructures (PKI) exist for quite a while already, neither hierarchical PKI based on Certification Authorities (CA) nor decentralized webs-of-trust have come to great popularity, particularly not in the private sector. In this paper we want to analyze some reasons for this development and propose possible solutions. The utilization of social networking platforms which have become popular by the so-called ”web 2.0”, may bridge the gap between webs-of-trust and social networks. Thus, the web-of-trust structure may also become more popular and more widely spread due to the better usability this combination provides. For example, key exchange and authentication of the key owners’ identities can be supported by extended means of social networking platforms.

References

  1. CAcert Inc. (2007). CAcert. http://www.cacert.org/.
  2. Callas, J., Donnerhacke, L., Finney, H., and Thayer, R. (1998). OpenPGP Message Format. RFC 2440.
  3. Caronni, G. (2000). Walking the web of trust. volume 00, page 153, Los Alamitos, CA, USA. IEEE Computer Society.
  4. ”Darxus” (2002). GPG/PGP signature path tracing. http: //www.chaosreigns.com/code/sigtrace/.
  5. Datta, A., Hauswirth, M., and Aberer, K. (2003). Beyond ”web of trust”: Enabling p2p e-commerce. Proceedings of the IEEE International Conference on ECommerce, pages 303-313.
  6. Dierks, T. and Rescorla, E., editors (2006). The Transport Layer Security (TLS) Protocol Version 1.1. RFC 4346.
  7. Eckert, C. (2004). IT-Sicherheit . Oldenbourg Verlag, 3. edition.
  8. Ferguson, N. and Schneier, B. (2003). Practical Cryptography. Wiley.
  9. Golbeck, J., Parsia, B., and Hendler, J. (2003). Cooperative Information Agents VII, volume 2782 of Lecture Notes in Computer Science, chapter Trust Networks on the Semantic Web, pages 238-249. Springer, Berlin, Heidelberg.
  10. Guardiola, X., Guimera, R., Arenas, A., Diaz-Guilera, A., Streib, D., and Amaral, L. A. N. (2002). Macro- and micro-structure of trust networks. ArXiv Condensed Matter e-prints .
  11. Guha, R., Kumar, R., Raghavan, P., and Tomkins, A. (2004). Propagation of trust and distrust. In WWW 7804: Proceedings of the 13th international conference on World Wide Web, pages 403-412, New York, NY, USA. ACM Press.
  12. Housley, R., Polk, W., Ford, W., and Solo, D. (2002). Internet X.509 Public Key Infrastructure - Certificate and Certificate Revocation List (CRL) Profile. RFC 3280.
  13. ITU-T (2005). Recommendation X.500, ”The Directory: Overview of Concepts, Models and Service”.
  14. Khan, J. I. and Shaikh, S. (2006). Relationship algebra for computing in social networks and social network based applications. Proceedings of the 2006 IEEE/WIC/ACM International Conference on Web Intelligence (WI'06).
  15. Kuethe, C. and Laager, R. (2007). OpenPGP public key server. http://pks.sourceforge.net.
  16. Last.fm Ltd. (2007). Last.fm. http://last.fm.
  17. Marsh, S. P. (1994). Formalising Trust as a Computational Concept. PhD-Thesis, Department of Computing Science and Mathematics. University of Stirling.
  18. Maurer, U. (1996a). Modelling a public-key infrastructure. In ESORICS'96.
  19. Maurer, U. (1996b). A unified and generalized treatment of authentication theory. In STACS: Annual Symposium on Theoretical Aspects of Computer Science, volume 1046 of LNCS, pages 387-398.
  20. McDowell, J. (2005). Experimental PGP key path finder. http://the.earth.li/˜noodles/pathfind. html.
  21. Milgram, S. (1967). The small world problem. Psychology Today, 2:60-67.
  22. MySpace.com (2007). Myspace. http://www.myspace. com.
  23. OPEN Business Club AG (2007). Xing. http://www. xing.com.
  24. Rescorla, E. (2000). HTTP Over TLS. RFC 2818.
  25. Richardson, M., Agrawal, R., and Domingos, P. (2003). The SemanticWeb - ISWC 2003 , volume 2870 of Lecture Notes in Computer Science, chapter Trust Management for the Semantic Web, pages 351-368. Springer, Berlin / Heidelberg.
  26. Ries, S., Kangasharju, J., and Mhlhuser, M. (2006). A classification of trust systems. In Meersman, R., Tari, Z., Herrero, P., et al., editors, OTM Workshops 2006, LNCS 4277, pages 894-903. Springer-Verlag Berlin Heidelberg.
  27. Thawte Inc. (2007). Thawte. http://www.thawte.com/ secure-email/web-of-trust-wot/index.html .
  28. Watts, D. J. (2003). Six degrees: The Science of a Connected Age. Norton.
  29. Yahoo! Inc. (2007). Flickr. http://www.flickr.com.
  30. Zimmermann, P. R. (1995). The Official PGP Users Guide. MIT Press, Boston, Massachusetts, U.S.A.
Download


Paper Citation


in Harvard Style

Gruhn V., Hülder M. and Wolff-Marting V. (2007). UTILIZING SOCIAL NETWORKING PLATFORMS TO SUPPORT PUBLIC KEY INFRASTRUCTURES . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 245-250. DOI: 10.5220/0002125902450250


in Bibtex Style

@conference{secrypt07,
author={Volker Gruhn and Malte Hülder and Vincent Wolff-Marting},
title={UTILIZING SOCIAL NETWORKING PLATFORMS TO SUPPORT PUBLIC KEY INFRASTRUCTURES},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},
year={2007},
pages={245-250},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002125902450250},
isbn={978-989-8111-12-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
TI - UTILIZING SOCIAL NETWORKING PLATFORMS TO SUPPORT PUBLIC KEY INFRASTRUCTURES
SN - 978-989-8111-12-8
AU - Gruhn V.
AU - Hülder M.
AU - Wolff-Marting V.
PY - 2007
SP - 245
EP - 250
DO - 10.5220/0002125902450250