LoT: a Reputation-based Trust System for Long-term Archiving

LoT: a Reputation-based Trust System for Long-term Archiving

Martín Vigil, Denise Demirel, Sheikh Mahbub Habib, Sascha Hauke, Johannes Buchmann, Max Mühlhäuser (Technische Universität Darmstadt)

Digital archiving systems are necessary to store documents for several years, such as electronic health records. However, security breaches in these systems may allow attackers to tamper with archived documents without being noticed. To address this threat, standardized archiving systems require a public key infrastructure, where a time-stamp authority is trusted to date and sign stored documents periodically. However, in practice a time-stamp authority may not be fully trustworthy, allowing an attacker to forge documents. Thus, in this paper, we introduce a novel reputation-based trust system for time-stamping-based archiving called Long-term evaluation of Trust (LoT), which alleviates the required trust assumptions. This makes LoT an important contribution to realize trust and security management for digital archiving systems using public key infrastructures. We implemented LoT showcasing its applicability to electronic health records and demonstrate its efficacy by simulations.

The Tenth International Conference on Emerging Security Information, Systems and Technologies - SECURWARE 2016, http://www.iaria.org/conferences2016/SECURWARE16.html
Track: Security management

Place and Date
July 24 - 28, 2016 - Nice, France