Reputation Scoring System Using an Economic Trust Model A distributed approach to evaluate trusted third parties on the Internet

The trust anchors defined in the DNSSEC and SSL architecture make the governance of the Internet very rigidly aligned with the domain name registrars and the software vendors. The root certification authorities (root CAs) are defined ultimately and built into the software key stores of an end-user. However, the end-user is not given any criteria to distinguish the built-in root CAs so that he is unable to manage the default key store effectively. In this paper we suggest a new approach of creating a reputation score for the trusted third parties (TTPs). We evaluate each TTP based on its economic performance by counting the amount of transaction fees put on the certificate-signing transactions. Then we become able to apply different filtering algorithms to reveal the TTPs subject to automated removal from or addition to the software key stores. One of the examples - if a root or subordinate CA does not have a single buyer of SSL certificates yet, then it is not required to keep the CA in the web browser trusted certificate store. We make use of the Bitcoin protocol to reveal the transaction information and guarantee the integrity of the transaction database, which is managed and stored in a P2P manner. As a result, we achieve a completely dynamic and distributed reputation scoring system, where the cost of an attack is higher than the cost of normal system operation.