Trust Path Discovery draft-ono-trust-path-discovery-01.txt Kumiko - - PowerPoint PPT Presentation

trust path discovery
SMART_READER_LITE
LIVE PREVIEW

Trust Path Discovery draft-ono-trust-path-discovery-01.txt Kumiko - - PowerPoint PPT Presentation

Mar 17, 2023 105 likes •217 views

Trust Path Discovery draft-ono-trust-path-discovery-01.txt Kumiko Ono Henning Schulzrinne 1 Motivation Protection against unsolicited bulk messages An option for sender filtering Determine whether to accept communications

slide-1
SLIDE 1

1

Trust Path Discovery

draft-ono-trust-path-discovery-01.txt Kumiko Ono Henning Schulzrinne

slide-2
SLIDE 2

2

Motivation

  • Protection against unsolicited bulk messages

– An option for sender filtering

  • Determine whether to accept communication’s requests, e.g.,

emails, calls, instant messages from a “stranger”

  • Based on reputation of that stranger
  • How to get the stranger’s reputation

– Query a third-party reputation system

  • r

– Query trusted friends and their friends

slide-3
SLIDE 3

3

Protection Mechanisms for Unsolicited Bulk Messages

  • Anti-spam/spit/spim

– Content-based filtering – Sender-based filtering: (assume anti-spoofing) e.g.

  • Third-party

accreditation for servers

  • Trust Path Discovery

for servers and individuals

– Others e.g.,

  • Make sending bulk

messages burdensome

  • Anti-spoofing

– For SMTP sender e.g.,

  • Sender ID
  • DomainKeys

– For SIP originator e.g.,

  • SIP identity
  • SAML with SIP?
slide-4
SLIDE 4

4

Our Approach

  • Gathering trustworthy opinions on

individuals and their domains from our friends or community

– Opinions based on trust indicators which represent one’s trust on receiving messages – Chains of trust relationships = Trust paths

  • Among individuals (users)
  • Among domains
  • Between a user and a domain
slide-5
SLIDE 5

5

What are Trust Indicators?

Alice Bob Alice Bob Bob is on Alice’s watcher list (= subscribes to Alice) Log of sending email, call, or message

  • When Alice trusts Bob,

trusts trusts NOTIFY

slide-6
SLIDE 6

6

How to Gather “Trust paths”

Trust path (one-hop)

  • 1. generate

Trust indicators

  • 2. exchange
  • 3. aggregate

Trust path (multi-hop)

  • Watcher list
  • Log of sending mails
  • Log of making calls

Alice Bob Bob Charlie Alice Bob Charlie Alice

slide-7
SLIDE 7

7

How to Exchange “Trust paths”

  • Push-based model: propagating trust paths in

advance, e.g., at registration phase.

ϑ Responsive Λ More need to disclose trust path. Privacy breach?

  • Trust-path can only contain public and semi-private

information, because propagated trust path might be disclosed to third parties

  • Query-based model: query trustworthiness when

needed.

ϑ Less need to disclose trust paths

  • However, query itself is also privacy-sensitive

Λ Slower. Needs to query multiple servers/individuals

  • “Who trusts you?” “Who trusts Alice?”

Our proposal: Push-based model

slide-8
SLIDE 8

8

Conclusion

  • Current Status

– Propagation mechanism

  • A new event package, “opinion”
  • SUBSCRIBE/NOTIFY/(PUBLISH)

– Implementation in progress Your feedback is welcome!

slide-9
SLIDE 9

9

slide-10
SLIDE 10

10

Related Work: Domain Name Accreditation

SMTP client: bar.com SMTP server: foo.com

  • 1. EHLO bar.com

Third-party Accreditation Service

  • 2. Query the trust level
  • f “bar.com”
  • 3. Response

draft-ietf-marid-csv-dna-02.txt