Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Medina: Combining Evidence to Build Trust

Johannes Helander and Ben Zorn

Abstract

Security mechanisms require °exibility to accommodate the frailties of the imperfect people that use them. For example, password systems typically allow users who forget their passwords to reset their password after passing some other test. More gen- erally, many human decisions of trust are based on weighing a preponderance of evidence in an ad hoc fashion. We present Medina, an authentication system based on combining various forms of evidence in a computational framework. Medina assumes that all authorization decisions are based on weighing a variety of evidence and brings elements of security (such as what happens when someone forgets their password) into a computational framework. Medina also allows for a range of access control policies that are less strict and/or more °exible than traditional security mechanisms.

Details

Publication typeInproceedings
Published inWeb 2.0 Security and Privacy, in conjunction with IEEE Symposium on Security and Privacy
> Publications > Medina: Combining Evidence to Build Trust