Medina: Combining Evidence to Build Trust
- Johannes Helander ,
- Ben Zorn
Web 2.0 Security and Privacy, in conjunction with IEEE Symposium on Security and Privacy |
Security mechanisms require flexibility to accommodate the frailties of the imperfect people that use them. For example, password systems typically allow users who forget their passwords to reset their password after passing some other test. More generally, many human decisions of trust are based on weighing a preponderance of evidence in an ad hoc fashion. We present Medina, an authentication system based on combining various forms of evidence in a computational framework. Medina assumes that all authorization decisions are based on weighing a variety of evidence and brings elements of security (such as what happens when someone forgets their password) into a computational framework. Medina also allows for a range of access control policies that are less strict and/or more flexible than traditional security mechanisms.