Abstract
Identities and profiles are important to enable e-commerce transactions. Recent initiatives, like Microsoft .MyServices and Liberty Alliance Project, aim at the provision of identity and profile management solutions along with mechanisms to simplify users’ experience. These solutions must be trusted and accountable. Current PKI solutions can be used to deal with certification and trust management. Unfortunately the complexity of managing digital credential lifecycle is one of the obstacles to their adoption. This complexity is accentuated in the case of dynamic environments, where the certified information is subject to frequent changes. In this paper we address the problem of providing up-to-date certified information in dynamic contexts. We introduce the concept of active digital credential as a mechanism to provide up-to-date certified identity and profile information along with a fine-grained assessment of trustworthiness and validity. Work is in progress both to implement a prototype and assess the feasibility of the proposed model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Camp, L. J.: Trust and Risk in Internet Commerce.The MIT press (2000)
Microsoft: Microsoft.MyServices: a platform for building user-centric applications. http://www.microsoft.com/myservices/ (2002)
Liberty Alliance: Project Liberty Alliance. http://www.projectliberty.org/ (2002)
Housley, R., Ford, W., Polk, W., Solo, D.: RFC2459: Internet X.509 Public Key Infrastructure Certificate and CRL profile. IETF (1999)
Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization. IETF (1999)
IETF: An Open Specification for Pretty Good Privacy (PGP). http://www.ietf.org/html.charters/openpgp-charter.html (2001)
Ellison, C.: SPKI Requirements, RFC 2692. IETF (1999)
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: SPKI Certificate Theory, RFC 2693. IETF (1999)
Boneh, D., Franklin M.: Identity-based Encryption from the Weil Pairing. Crypto 2001 (2001)
Baldwin, A., Beres, Y., Casassa Mont, M., Shiu, S.: Trust Services: A Trust Infrastructure for E-Commerce. HPL-2001-198 (2001)
OASIS: SAML 1.0 Specification Set-http://www.oasisopen.org/ (2002)
Eastlake, D., Reagle, J., Solo, D.: XML-Signature Syntax and Processing, draft-ietfxmldsig-core-08. IETF (2000)
Bray, T., Paoli, J., Sperberg-McQueen, C.M.: Extensible Markup Language (XML) 1.0. W3 Recommendation (1998)
W3C: Web Services Description Language (WSDL) 1.1. W3C (2001)
Zubeldia, P., Romney, G.: Digital Certification Systems. Patent: EP 0869637 A2 (1998)
Casassa Mont, M., Brown, R.: PASTELS project: Trust Management, Monitoring and Policy-driven Authorization Framework for E-Services in an Internet based B2B environment. HPL-2001-28 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mont, M.C., Brown, R. (2002). Active Digital Credentials: Dynamic Provision of Up-to-Date Identity Information. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_5
Download citation
DOI: https://doi.org/10.1007/3-540-45831-X_5
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44309-4
Online ISBN: 978-3-540-45831-9
eBook Packages: Springer Book Archive