Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers - Citegraph

Paper Info

Title
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers

Abstract
The Internet enables connectivity between many strangers - entities that do not know each other. We present the Trust Policy Language (TPL), used to define the mapping of strangers to predefined business roles, based on certificates issued by third parties. TPL is expressive enough to allow complex policies, e.g. non-monotone (negative) certificates, while being simple enough to allow automated policy checking and processing. Issuers of certificates either are known in advance, or provide sufficient certificates to be considered a trusted authority according to the policy. This allows bottom-up, 驴grass roots驴 buildup of trust, as in the real world.We extend, rather than replace, existing role-based access control mechanisms. This provides a simple, modular architecture and easy migration from existing systems.Our system automatically collects missing certificates from peer servers. In particular, this allows use of standard browsers, which pass only one certificate to the server. We describe our implementation, which can be used as an extension of a web server or as a separate server with interface to applications.

Year	DOI	Venue
2000	10.1109/SECPRI.2000.848442	IEEE Symposium on Security and Privacy
Keywords	Field	DocType
x.509.,complex policy,public key certificates,assigning roles,separate server,web server,access control meets public,trust management,automated policy checking,missing certificate,key infrastructure,grass root,modular architecture,logic programming,role based access control,authentication,predefined business role,easy migration,key management,trust policy language,internet,message authentication,electronic commerce,certification,file servers,x 509,public key certificate,public key,authorisation,public key infrastructure,bottom up,business,public key cryptography,access control	Public key infrastructure,Key management,World Wide Web,Internet privacy,Computer security,Computer science,Server,Certificate authority,Role-based access control,Access control,Certificate,Web server	Conference
ISSN	ISBN	Citations
1081-6011	0-7695-0665-8	195
PageRank	References	Authors
27.95	6	5

Search Limit

100195

Authors (5 rows)

Cited by (100 rows)

References (6 rows)

Name	Order	Citations	PageRank
Amir Herzberg	1	2877	353.46
Yosi Mass	2	574	60.91
Joris Michaeli	3	195	27.95
Yiftach Ravid	4	318	62.48
Dalit Naor	5	1084	105.18

1