Towards an Infrastructure for Authorization Position Paper
نویسنده
چکیده
In recent years, there has been a great deal of debate about whether a large-scale \publickey infrastructure" is needed for electronic commerce and, if so, whether the technical di culty of building and deploying such an infrastructure will impede the growth of electronic commerce. We argue here that much of the controversy is attributable to the fact that the term \public-key infrastructure" has not been clearly and correctly de ned. We explain why the informal de nition most often associated with the term, i.e., that of a global mapping between users' identities and public keys, is not the right de nition for electronic commerce and hence that whether such a mapping can and will be built and deployed with available resources is not an especially pressing question. Finally, we describe an alternative type of infrastructural development that we believe really would enable electronic commerce.
منابع مشابه
Authorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملTowards a Unified Authentication and Authorization Infrastructure for Grid Services: Implementing an Enhanced OCSP Service Provider into GT4
The OGSA definition of a Grid Service as a transient, stateful and dynamically instantiated Web Service introduced new authentication and authorization requirements beyond those already established for existing Grid environments. However such design features have begun to be developed currently following a pre-Web Services approach in two aspects: in the first place making a clear separation of...
متن کاملSPKI based solution to anonymous payment and transaction authorization
Network commerce has been raising its head for a few years and has adopted credit cards as the most common means of payment. However, on an open network like internet, credit card based systems have problems. Especially problematic is the authentication of the parties involved. Privacy issues are important since the customer is always identified with each payment. A few solutions have emerged, ...
متن کاملTowards an IPv6-Based Security Framework for Distributed Storage Resources
Some security problems can be often solved through authorization rather than authentication. Furthermore, authorization approach avoids usual drawbacks of centralized systems such as bottlenecks or single point of failure. In this paper, we propose a solution that could bring an appropriate security architecture to the Internet Backplane Protocol (IBP), a distributed shared storage protocol. Th...
متن کاملXPOLA – An Extensible Capability-based Authorization Infrastructure for Grids
There is great need for a secure, fine-grained, efficient, and user-friendly authorization infrastructure to protect the services in Grid community. Grid users and administrators still have to deal with authentication and authorization issues in the traditional supercomputer-centric fashion, especially with the host account maintenance and certificate management. This paper proposes a capabilit...
متن کامل