A new design of privilege management infrastructure with binding signature semantics

Bicakci K., BAYKAL N.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol.3093, pp.306-313, 2004 (SCI-Expanded) identifier


Just like PKI, used to support public key certificates, Privilege Management Infrastructure (PMI) is built to provide a foundation to employ attribute certificates. Although most of the PKI ideas can be applied to PMI as well, PMI has some unique characteristics for instance it should handle attributes containing confidential information. Motivating by this fact, Dawson et al. recently proposed a new PMI design for those who would like to use the outsourced PKI but keep the PMI management inside the organization. In this paper, we propose an alternative design to have a more fine-grained control over attribute certificates. Immediate revocation and simplified verification are two big advantages of our approach. © Springer-Verlag Berlin Heidelberg 2004.