The following papers are available for download:
Bud P. Bruegger and Peter Lipp, LIGHTest - A Lightweight Infrastructure for Global Heterogeneous Trust Management, in Detlef Hühnlein, Heiko Roßnagel, Christian H. Schunck, Maurizio Talamo (Eds.), Proceedings, Open Identity Summit 2016, Rome, Italy, October 13-14, 2016, Gesellschaft für Informatik e.V. (GI), GI-Edition, Lecture Notes in Informatics, Creative Commons Attribution-NonCommercial 3.0 License.
Abstract: LIGHTest is a project that is partially funded by the European Commission as an Innovation Action as part of the Horizon2020 program under grant agreement number 700321. LIGHTest's objective is to create a Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes. We show supported scenarios, motivate the necessity for global trust management and discuss related work. Then we present how LIGHTest addresses the challenges of global trust management, its reference architecture and the pilot applications.
Keywords: trust management, trust decisions, trusted lists, global trust infrastructure
Sven Wagner, Sebastian Kurowski, Uwe Laufs, Heiko Roßnagel, LIGHTest - A Mechanism for Discovery and Verification of Trust Scheme Memberships: The LIGHTest Reference Architecture
Abstract: Electronic transactions are an integral component of private and business life. For this purpose, a certification of trustworthy electronic identities supported by authorities is often required. Within the EU-funded LIGHTest project, a global trust infrastructure based on DNS is built, where arbitrary authorities can publish their trust information. A high-level description of the LIGHTest reference architecture is presented. Then, the Trust Scheme Publication Authority, which enables discovery and verification of trust scheme memberships, is introduced.
Keywords: trust infrastructure, trust scheme, trust scheme verification, electronic transaction, trust management, identity management
Anders Schlichtkrull, Jasmin Christian Blanchette, Dmitriy Traytel, A Verified Prover Based on Ordered Resolution
Abstract: The superposition calculus, which underlies first-order theorem provers such as E, SPASS, and Vampire, combines ordered resolution and equality reasoning. As a step towards verifying modern provers, we specify, using Isabelle/HOL, a purely functional first-order ordered resolution prover and establish its soundness and refutational completeness. Methodologically, we apply stepwise refinement to obtain, from an abstract nondeterministic specification, a verified deterministic program, written in a subset of Isabelle/HOL from which we extract purely functional Standard ML code that constitutes a semidecision procedure for first-order logic.
CCS Concepts • Theory of computation → Logic and verification; Automated reasoning;
Keywords: automatic theorem provers, proof assistants, first-order logic, stepwise refinement
Sebastian Alexander Mödersheim, Bihang Ni, GTPL - A Graphical Trust Policy Language
Abstract: We present GTPL, a Graphical Trust Policy Language, as an easy-to-use interface for the Trust Policy Language TPL proposed by the LIGHTest project. GTPL uses a simple graphical representation where the central graphical metaphor is to consider the input like certificates or documents as forms, and the policy author describes "what to look for" in these forms by putting constraints on the form's fields. GTPL closes the gap between languages on a logical-technical level such as TPL that require expertise to use, and interfaces like the LIGHTest Graphical-Layer that allow only for very basic patterns.
Keywords: Trust policy; graphical language
Sebastian Mödersheim, Anders Schlichtkrull, Georg Wagner, Stefan More and Lukas Alber, TPL - A Trust Policy Language
Abstract: We present TPL, a Trust Policy Language and Trust Management System. It is built around the qualities of modularity, declarativity, expressive power, formal precision, and accountability. The modularity means that TPL is built in a way that makes it easily adaptable to different types of transactions and signatures. From the aspect of declarativity and expressive power, the language is built such that policies are always formulated in a positive form and the language is Turing complete. The formal precision and accountability of the language eliminates ambiguity and allows us to achieve verified evaluations. The idea is that for any decision, the system can generate a proof that can then be checked by a prover that is formally verified, in Isabelle/HOL, to be sound with respect to a first-order logic semantics.
Stephanie Weinhardt, Doreen St. Pierre, Lessons learned - Conducting a User Experience evaluation of a Trust Policy Authoring Tool
Abstract: Most contributions on usable policy authoring and usable IT security only focus on the design phase of a tool and on stating guidelines on how to make these tools and systems user friendly. There are only some contributions introducing work regarding usability evaluations, but even fewer introducing user experience evaluations. This contribution wants to address this lack. Based on a user experience evaluation with a trust policy authoring tool, we present the lessons learned derived from the results.
Keywords: user experience evaluation, trust policy authoring, evaluation methods, lessons learned
Georg Wagner, Olamide Omolola, Stefan More, Harmonizing Delegation Data Formats
Abstract: Delegations are an integral part of daily transactions. A delegation is the process of authorizing one entity to act on behalf of another. For the delegation to work, the claim that an entity is authorized to act on behalf of another entity needs to be verified. Verifying an analog delegation can be done by checking if the name of a user is on a list of authorized persons. In contrast, in electronic transactions the implementation of a delegation and its verification can be a difficult task. A user logging into a system or signing documents with an electronic signature involving a delegation may be required to show this delegation within the signature. This delegation needs to be discovered and verified during the transaction. Many solutions using eXtensible Markup Language (XML) have been proposed to represent delegations; unfortunately, most of these schemes are designed to be used for one specific domain. In this paper, we propose a delegation scheme that fills this gap by providing a general representation for delegation that can be easily extended to different domains.
Keywords: Electronic transactions, eID, Mandates, Delegations, XML
Isaac Henderson Johnson Jeyakumar, Sven Wagner and Heiko Roßnagel, Implementation of Distributed Lightweight trust infrastructure for automatic validation of faults in an IoT sensor network
Abstract: The goal of the paper is to design and implement a distributed trust infrastructure, which makes use of the existing Internet Domain Name System (DNS) and its global trust anchor. Since it has high scalability and eases the burden on relying parties, it in turn allows for highly efficient queries to support individual trust decisions. In this implementation, a stand-alone private DNS infrastructure including top-level domains was developed with a Raspberry Pi cluster. Further, the security of the DNS for the trust infrastructure is enhanced by implementing DNSSEC and the DANE protocol with TLSA resource records. It also includes the core functionality of the LIGHTest infrastructure, like developing trust lists, a Trust Scheme Publication Authority (TSPA) and a Delegation Publisher (DP). In this paper, a distributed trust infrastructure is developed and visualized practically by designing an infrastructure for validation and authentication of faults in the sensor system of an organization using a Raspberry Pi cluster.
Keywords: Distributed trust infrastructure, DNS, DNSSEC, Raspberry Pi Cluster, Trust Scheme Publication Authority.
Olamide Omolola, Stefan More, Edona Fasllija, Georg Wagner, Lukas Alber, Policy-based Access Control for the IoT and Smart Cities
Abstract: The Internet of Things (IoT) can revolutionize the interaction between users and technology. This interaction generates many sensitive and personal data. Therefore, access to the information they provide should be restricted to only authorized users. However, the limited storage and memory in IoT make it impractical to deploy traditional mechanisms to control access. In this paper, we propose a new access control mechanism based on trust policies adapted from LIGHTest. The proposed protocol also handles delegations in the IoT context elegantly. We provide the protocol overview and discuss its practical applications in the IoT environment.
Keywords: Trust Infrastructure; IoT; Smart City; Access Control; Trust Policy; LIGHTest
Daniel Kales, Olamide Omolola, Sebastian Ramacher, Revisiting User Privacy for Certificate Transparency
Abstract: Public key infrastructure (PKI) based on certificate authorities is one of the cornerstones of secure communication over the internet. Certificates issued as part of this PKI provide authentication of web servers, among others. Yet, the PKI ecosystem is susceptible to certificate misissuance and misuse attacks. To prevent those attacks, Certificate Transparency (CT) facilitates auditing of issued certificates and detecting certificates issued without authorization. Users that want to verify inclusion of certificates on CT log servers contact the CT server directly to retrieve inclusion proofs. This direct contact with the log server creates a privacy problem since the users' browsing activities could be recorded by the log server owner.
Lueks and Goldberg (FC 2015) suggested the use of Private Information Retrieval (PIR) in order to protect the users' privacy in the CT ecosystem. With the immense amount of certificates included on CT log servers, their approach runs into performance issues, however. Nevertheless, we build on this approach and extend it using multi-tier Merkle trees, and render it practical using multi-server PIR protocols based on distributed point functions (DPFs). Our approach leads to a scalable design suitable to handle the increasing number of certificates and is, in addition, generic, allowing instantiations using secure accumulators and PIRs.
We implement and test this mechanism for privacy-preserving membership proof retrieval and show that it can be integrated without disrupting existing CT infrastructure. Most importantly, even for larger CT logs containing 2^31 certificates, our approach using sub-accumulators can provide privacy with a performance overhead of less than 9 milliseconds in total.
Stephanie Weinhardt and Olamide Omolola, Usability of Policy Authoring Tools: a Layered Approach
Abstract: Many policy authoring tools lack usability, and this deficiency often deters new users from using the tools. In this paper, we propose an approach to make policy authoring more usable and enable novice users to create policies. The process of creating a trust policy using a trust policy language has different levels of complexity for different users. This paper identifies three categories of such users and introduces a three-layered approach to cater to each user group. The approach intuitively reduces the functionalities available based on the capability of each group of users, thereby making policy creation more usable.
Keywords: Policy Authoring, Usability, Layered Approach, Trust Policy
Heiko Roßnagel, Sven Wagner, LIGHTest: a lightweight infrastructure for global and heterogeneous trust management
Abstract: The EU-funded research project LIGHTest is developing a global trust infrastructure that makes it possible to verify electronic transactions simply and efficiently. To do so, LIGHTest builds on the already available Domain Name Service (DNS) infrastructure. This allows LIGHTest to assess the trustworthiness of transactions even when the participating entities belong to different trust domains.
Keywords: DNS, Domain Name Service, trust infrastructure
Sven Wagner, Sebastian Kurowski, Heiko Roßnagel, Unified Data Model for Tuple-Based Trust Scheme Publication
Abstract: Trust schemes are widely used by authorities to support verifiers of electronic transactions to determine the trustworthiness of relying parties. With a tuple-based publication, in addition to the trust scheme membership, the requirements of the trust scheme are published. For this, the development and publication of a unified data model derived from existing trust schemes (e.g. eIDAS) is needed, where each requirement is explicitly represented by one tuple. The consolidation and development of this data model, which is based on nine existing trust schemes, is presented along with possible applications and added value (e.g. improved mapping of trust schemes) in the field of trust verification. The data model includes the three abstract concepts Credential, Identity, and Attributes and in total 98 concepts, which can be added to standard trust lists using ETSI TS 119 612.
Keywords: trust infrastructure, trust scheme, trust scheme publication, electronic transaction, trust management, identity management, eIDAS.