Review and Revocation of Access Privileges Distributed with PKI Certificates (Transcript of Discussion)

نویسنده

  • Virgil D. Gligor
چکیده

Public-key infrastructures (PKIs) that support both identity certificates and access control (e.g., attribute, delegation) certificates are increasingly common. We argue that these PKIs must also support revocation and review policies that are typical of more traditional access control systems; e.g., selective and transitive certificate revocation, and per-object access review. Further, we show that PKIs that eliminate identity certificates, such as the SPKI, resolve only selective revocation problems and, at the same time, make access review more complex.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Revocation in the privilege calculus ?

We have previously presented a framework for updating privileges and creating management structures by means of authority certificates. These are used both to create access-level permissions and to delegate authority to other agents. In this paper we extend the framework to support a richer set of revocation schemes. As in the original, we present an associated calculus of privileges, encoded a...

متن کامل

Revocation Schemes for Delegated Authorities

We have previously presented a framework for updating privileges and creating management structures by means of authority certificates. These are used both to create access-level permissions and to delegate authority to other agents. In this paper we extend the framework to support a richer set of revocation schemes. As in the original, we present an associated calculus of privileges, encoded a...

متن کامل

Distributed Storage and Revocation in Digital Certificate Databases

Public-key cryptography is fast becoming the foundation for those applications that require security and authentication in open networks. But the widespread use of a global public-key cryptosystem requires that public-key certificates are always available and up-to-date. Problems associated to digital certificates management, like storage, retrieval, maintenance, and, specially, revocation, req...

متن کامل

Secure Protocol of ABAC Certificates Revocation and Delegation

This paper deals with the maintenance of PKI certificates for Attribute Based Access Control (ABAC). We show, that the current standard has several problems in different revocation and delegation processes. This may lead to a security hole allowing usage of ABAC certificates, when it was revoked or transferred. As a solution we suggest architecture changes, that allow to perform revocation and ...

متن کامل

CHECK THE DATE: Reader Revocation in PKI-Based RFID Systems

One prominent open problem with RFID tags that support public key cryptography is revocation of reader certificates. This is an important issue considering that highend RFID tags are geared for public key applications such as e-documents and contactless payment instruments. Furthermore, the problem is unique to public key-based RFID systems, since tags have no clock and thus cannot use traditio...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2000