AMBAR Protocol: Access Management Based on Authorization Reduction

  • Conference paper
Information and Communications Security (ICICS 2001)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2229)

Abstract

In recent years, SPKI, X.509 attribute certificates, and KeyNote have been proposed as mechanisms to create and specify authorization certificates, access control lists, or security policies in distributed environments. In this work we propose a new protocol able to negotiate and use some of these specifications. AMBAR is a multi-layered protocol based on a request/response model. In general, it provides functionality to transmit resource access requests, the authorization information related to those requests (credentials, ACLs), and results obtained from a certificate chain discovery method or compliance checker. It adds security by acting as a separate security layer inserted between the higher protocols and TCP (or another transport protocol).

Partially supported by TEL-IFD97-1426 EU FEDER project (PISCIS)

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cánovas, O., Gómez, A.F. (2001). AMBAR Protocol: Access Management Based on Authorization Reduction. In: Qing, S., Okamoto, T., Zhou, J. (eds) Information and Communications Security. ICICS 2001. Lecture Notes in Computer Science, vol 2229. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45600-7_41

  • DOI: https://doi.org/10.1007/3-540-45600-7_41

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42880-0

  • Online ISBN: 978-3-540-45600-1

  • eBook Packages: Springer Book Archive
