Abstract
An authentication server which employs the secret-key cryptography holds the secret keys of user clients and application servers in a local database, and this leads to attacks on the database, key propagation from a master server to slave servers and the management from a remote console. The situation of a privilege attribute server is same. In order to solve the problems the author introduces secret key certificate and privilege attribute certificate, which can be handled same as the public key certificate. The certificates can be used not only for authentication and privilege attribute services but also delegation of privilege and messaging system.
Chapter PDF
Similar content being viewed by others
Keywords
References
Davis, D. and Swick, R. (1990) Network Security via Private-Key Certificates. Operating Systems Review. 24, 4, 64–7.
Gasser, M. and McDermott, E. (1990) An Architecture for Practical Delegation in a Distribution System. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. Oakland, California, United States of America.
International Standards Organization. (1988) Information processing _ Open Systems Interconnection - The Directory - Authentication Framework. IS-9594. International Standards Organization, Geneva Switzerland.
Kaijser, P., Parker, T. and Pinkas, D. (1994) SESAME: The solution to security for open distributed systems. Computer Communications, 17, 7, 501–18.
Kaliski, B. (1993) Triple-DES: A Brief Report. Technical report, RSA Laboratories. Kohl, J. and Neuman, B. (1993) The Kerberos Network Authentication Service (V5). Internet Requests for Comments 1510.
Linn, J. (1993) Generic Security Service Application Program Interface. Internet Request for Comments 1508.
Neuman, C. (1993) Proxy-Based Authorization and Accounting for Distributed Systems. Proceedings of the 13th International Conference on Distributed Computing Systems. Pittsburgh, Pennsylvania, United States of America.
Partridge, C., Mendez, T. and Milliken, W. (1993) Host Anycasting Service. Internet Requests for Comments 1546.
Rosenberry, W., Kenney, D. and Fisher, G. (1993) Understanding DCE. O’Reilly, and Associates, Inc., California, United States of America.
Stern, H. (1991) Managing NFS and NIS. O’Reilly, and Associates, Inc., United States of America.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1996 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Sameshima, Y. (1996). Security Architecture based on Secret Key and Privilege Attribute Certificates. In: Schill, A., Mittasch, C., Spaniol, O., Popien, C. (eds) Distributed Platforms. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-34947-3_27
Download citation
DOI: https://doi.org/10.1007/978-0-387-34947-3_27
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5010-2
Online ISBN: 978-0-387-34947-3
eBook Packages: Springer Book Archive