{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,6]],"date-time":"2026-01-06T13:47:36Z","timestamp":1767707256313,"version":"3.45.0"},"reference-count":46,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2018,1,9]],"date-time":"2018-01-09T00:00:00Z","timestamp":1515456000000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2017,2,28]]},"abstract":"<jats:p>In this article, we address the problem of scaling authentication for naming, routing, and end-entity (EE) certification to a global environment in which authentication policies and users\u2019 sets of trust roots vary widely. The current mechanisms for authenticating names (DNSSEC), routes (BGPSEC), and EE certificates (TLS) do not support a coexistence of authentication policies, affect the entire Internet when compromised, cannot update trust root information efficiently, and do not provide users with the ability to make flexible trust decisions. We propose the Scalable Authentication Infrastructure for Next-generation Trust (SAINT), which partitions the Internet into groups with common, local trust roots and isolates the effects of a compromised trust root. SAINT requires groups with direct routing connections to cross-sign each other for authentication purposes, allowing diverse authentication policies while keeping all entities\u2019 authentication information globally discoverable. SAINT makes trust root management a central part of the network architecture, enabling trust root updates within seconds and allowing users to make flexible trust decisions. SAINT operates without a significant performance penalty and can be deployed alongside existing infrastructures.<\/jats:p>","DOI":"10.1145\/3007208","type":"journal-article","created":{"date-parts":[[2017,1,10]],"date-time":"2017-01-10T10:41:17Z","timestamp":1484044877000},"page":"1-34","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Authentication Challenges in a Global Environment"],"prefix":"10.1145","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4659-054X","authenticated-orcid":false,"given":"Stephanos","family":"Matsumoto","sequence":"first","affiliation":[{"name":"Carnegie Mellon University\/ETH Zurich, Pittsburgh, PA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Raphael M.","family":"Reischuk","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pawel","family":"Szalachowski","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tiffany Hyun-Jin","family":"Kim","sequence":"additional","affiliation":[{"name":"HRL Laboratories, Malibu, CA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adrian","family":"Perrig","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,1,9]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.5555\/2490483.2490502"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402997"},{"key":"e_1_2_1_3_1","doi-asserted-by":"crossref","unstructured":"R. Arends R. Austein M. Larson D. Massey and S. Rose. 2005. DNS Security Introduction and Requirements. RFC 4033. Available at https:\/\/www.ietf.org\/rfc\/rfc4033.txt.","DOI":"10.17487\/rfc4033"},{"key":"e_1_2_1_4_1","unstructured":"David Barrera Raphael M. Reischuk Pawel Szalachowski and Adrian Perrig. 2015. SCION five years later: Revisiting scalability control and isolation on next-generation networks. arXiv:1508.01651."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660298"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-012-0027-1"},{"volume-title":"Proceedings of the 1986 Symposium on Security and Privacy (SP\u201986)","author":"Birrell Andrew D.","key":"e_1_2_1_7_1","unstructured":"Andrew D. Birrell, Butler W. Lampson, Roger M. Needham, and Michael D. Schroeder. 1986. A global authentication service without global trust. In Proceedings of the 1986 Symposium on Security and Privacy (SP\u201986). 223."},{"key":"e_1_2_1_8_1","volume-title":"GCHQ and European Spy Agencies Worked Together on Mass Surveillance. Retrieved","author":"Borger Julian","year":"2016","unstructured":"Julian Borger. 2013. GCHQ and European Spy Agencies Worked Together on Mass Surveillance. Retrieved December 4, 2016, from http:\/\/www.theguardian.com\/uk-news\/2013\/nov\/01\/gchq-europe-spy-agencies-mass-surveillance-snowden."},{"key":"e_1_2_1_9_1","unstructured":"CAIDA. 2014. The CAIDA AS Relationships Dataset. Available at http:\/\/www.caida.org\/data\/as-relationships\/."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.1999.751457"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC1992"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/296806.296824"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/1754868.1754897"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346853"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/972426.944770"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2535771.2535787"},{"key":"e_1_2_1_17_1","doi-asserted-by":"crossref","unstructured":"David Cooper Stefan Santesson Stephen Farrell Sharon Boeyen Russell Housley and Tim Polk. 2008. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280. Available at https:\/\/tools.ietf.org\/html\/rfc5280.","DOI":"10.17487\/rfc5280"},{"key":"e_1_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Tim Dierks and Eric Rescorla. 2008. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246. Available at https:\/\/tools.ietf.org\/html\/rfc5246.","DOI":"10.17487\/rfc5246"},{"key":"e_1_2_1_19_1","volume-title":"An Order of Seven Global Cyber-Guardians Now Hold Keys to the Internet. Retrieved","author":"Dillow C.","year":"2016","unstructured":"C. Dillow. 2010. An Order of Seven Global Cyber-Guardians Now Hold Keys to the Internet. Retrieved December 4, 2016, from http:\/\/www.popsci.com\/technology\/article\/2010-07\/order-seven-cyber-guardians-around-world-now-hold-keys-internet."},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of the 2010 Chaos Communication Congress.","author":"Eckersley Peter","year":"2010","unstructured":"Peter Eckersley and Jesse Burns. 2010. Is the SSLiverse a Safe Place? In Proceedings of the 2010 Chaos Communication Congress."},{"key":"e_1_2_1_21_1","volume-title":"British intelligence mining data from nine U.S. Internet companies in broad secret program. Washington Post. Retrieved","author":"Gellman Barton","year":"2016","unstructured":"Barton Gellman and Laura Poitras. 2013. U.S., British intelligence mining data from nine U.S. Internet companies in broad secret program. Washington Post. Retrieved December 4, 2016, from http:\/\/www.washingtonpost.com\/investigations\/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program\/2013\/06\/06\/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/882488.884174"},{"key":"e_1_2_1_23_1","doi-asserted-by":"crossref","unstructured":"P. Hoffman and J. Schlyter. 2012. The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA. RFC 6698. Available at https:\/\/tools.ietf.org\/html\/rfc6698.","DOI":"10.17487\/rfc6698"},{"key":"e_1_2_1_24_1","unstructured":"ICANN. 2012. gTLD Applicant Guidebook. Available at https:\/\/newgtlds.icann.org\/en\/applicants\/agb."},{"key":"e_1_2_1_25_1","series-title":"Lecture Notes in Computer Science","volume-title":"Financial Cryptography and Data Security","author":"Kasten James","unstructured":"James Kasten, Eric Wustrow, and J. Alex Halderman. 2013. CAge: Taming certificate authorities by inferring restricted scopes. In Financial Cryptography and Data Security. Lecture Notes in Computer Science, Vol. 7859. Springer, 329--337."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/49.839934"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488448"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/279227.279229"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/121132.121160"},{"key":"e_1_2_1_30_1","doi-asserted-by":"crossref","unstructured":"Ben Laurie Adam Langley and Emilia Kasper. 2013. Certificate Transparency. RFC 6962. Available at https:\/\/tools.ietf.org\/html\/rfc6962.","DOI":"10.17487\/rfc6962"},{"key":"e_1_2_1_31_1","volume-title":"BGPSEC Protocol Specification. Retrieved","author":"Lepinski M.","year":"2016","unstructured":"M. Lepinski. 2013. BGPSEC Protocol Specification. Retrieved December 4, 2016, from https:\/\/tools.ietf.org\/html\/draft-ietf-sidr-bgpsec-protocol-07."},{"key":"e_1_2_1_32_1","doi-asserted-by":"crossref","unstructured":"M. Lepinski and S. Kent. 2012. An Infrastructure to Support Secure Internet Routing. RFC 6480. Available at https:\/\/tools.ietf.org\/html\/rfc6480.","DOI":"10.17487\/rfc6480"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/1972457.1972474"},{"key":"e_1_2_1_34_1","volume-title":"SSL and the Future of Authenticity. Retrieved","author":"Marlinspike Moxie","year":"2016","unstructured":"Moxie Marlinspike. 2011. SSL and the Future of Authenticity. Retrieved December 4, 2016, from http:\/\/www.thoughtcrime.org\/blog\/ssl-and-the-future-of-authenticity\/."},{"key":"e_1_2_1_35_1","volume-title":"Reischuk","author":"Matsumoto Stephanos","year":"2015","unstructured":"Stephanos Matsumoto and Raphael M. Reischuk. 2015. Certificates-as-an-insurance: Incentivizing accountability in SSL\/TLS. Internet Society. Retrieved December 4, 2016, from http:\/\/internetsociety.org\/sites\/default\/files\/01_6.pdf."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/319151.319160"},{"key":"e_1_2_1_37_1","doi-asserted-by":"crossref","unstructured":"R. Moskowitz T. Heer P. Jokela and T. Henderson. 2008. Host Identity Protocol. RFC 5201. Available at https:\/\/tools.ietf.org\/html\/rfc5201.","DOI":"10.17487\/rfc5201"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/2643634.2643666"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/12.737682"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23379"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660376"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1756169.1756190"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660355"},{"key":"e_1_2_1_44_1","volume-title":"Burgess","author":"Upton Fred","year":"2015","unstructured":"Fred Upton, Tim Murphy, Greg Walden, and Michael C. Burgess. 2015. Letters to Browsers Regarding Government Certificate Authorities. Retrieved December 4, 2016, from https:\/\/energycommerce.house.gov\/news-center\/letters\/letters-browsers-regarding-government-certificate-authorities."},{"key":"e_1_2_1_45_1","article-title":"Snowden document shows Canada set up spy posts for NSA","author":"Weston Greg","year":"2013","unstructured":"Greg Weston, Glenn Greenwald, and Ryan Gallagher. 2013. Snowden document shows Canada set up spy posts for NSA. CBC News. Retrieved December 4, 2016, from http:\/\/www.cbc.ca\/news\/politics\/snowden-document-shows-canada-set-up-spy-posts-for-nsa-1.2456886.","journal-title":"CBC News. Retrieved"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.45"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3007208","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3007208","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3007208","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:16:38Z","timestamp":1763457398000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3007208"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,1,9]]},"references-count":46,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2017,2,28]]}},"alternative-id":["10.1145\/3007208"],"URL":"https:\/\/doi.org\/10.1145\/3007208","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2017,1,9]]},"assertion":[{"value":"2015-11-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-10-01","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-01-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}