A new design of privilege management infrastructure with binding signature semantics

Bicakci, Kemal; BAYKAL, NAZİFE

doi:10.1007/978-3-540-25980-0_25

A new design of privilege management infrastructure with binding signature semantics

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), cilt.3093, ss.306-313, 2004 (SCI-Expanded)

Yayın Türü: Makale / Tam Makale
Cilt numarası: 3093
Basım Tarihi: 2004
Doi Numarası: 10.1007/978-3-540-25980-0_25
Dergi Adı: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus
Sayfa Sayıları: ss.306-313
Anahtar Kelimeler: Attribute certificate, Binding signature semantics, Digital signature, PMI, Revocation
İstanbul Teknik Üniversitesi Adresli: Hayır

Özet

Just like PKI, used to support public key certificates, Privilege Management Infrastructure (PMI) is built to provide a foundation to employ attribute certificates. Although most of the PKI ideas can be applied to PMI as well, PMI has some unique characteristics for instance it should handle attributes containing confidential information. Motivating by this fact, Dawson et al. recently proposed a new PMI design for those who would like to use the outsourced PKI but keep the PMI management inside the organization. In this paper, we propose an alternative design to have a more fine-grained control over attribute certificates. Immediate revocation and simplified verification are two big advantages of our approach. © Springer-Verlag Berlin Heidelberg 2004.