Security Through Publicity

Current large-scale authentication and non-repudiation systems offer various security measures, but do not meet the needs of today’s Internet-scale applications. Though several designs exist, there have been no significant deployments of Internet-scale security infrastructures. In this paper we propose a novel concept called the public-space that makes complete information of digital entities’ actions publicly available to every user. It is a structured framework that maintains a large number of entities, their actions, relationships, and histories. Posting such information in public does not endorse the information’s correctness, but it does provide users with a quantifiable set of information that enables them to detect faults and make informed security decisions. Combined with traditional cryptographic techniques, the public-space system can support the intrinsic heterogeneity of user security requirements in Internetscale infrastructures and applications.