| Title | POSTER: Re-Thinking Risks and Rewards for Trusted Third Parties |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Malchow, Jan-Ole, Güldenring, Benjamin, Roth, Volker |
| Conference Name | Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4139-4 |
| Keywords | certificate authorities, connection insurances, HTTPs, Human Behavior, Metrics, pubcrawl, Resiliency, scalabilty, SSL, SSL Trust Models, TLS, transaction insurances, trusted third parties |
| Abstract | Commercial trusted third parties (TTPs) may increase their bottom line by watering down their validation procedures because they assume no liability for lapses of judgement. Consumers bear the risk of misplaced trust. Reputation loss is a weak deterrent for TTPs because consumers do not choose them - web shops and browser vendors do. At the same time, consumers are the source of income of these parties. Hence, risks and rewards are not well-aligned. Towards a better alignment, we explore the brokering of connection insurances and transaction insurances, where consumers get to choose their insurer. We lay out the principal idea how such a brokerage might work at a technical level with minimal interference with existing protocols and mechanisms, we analyze the security requirements and we propose techniques to meet these requirements. |
| URL | http://doi.acm.org/10.1145/2976749.2989060 |
| DOI | 10.1145/2976749.2989060 |
| Citation Key | malchow_poster:_2016 |
POSTER: Re-Thinking Risks and Rewards for Trusted Third Parties