Abstract
Most of industrial or public domains involve a trusted and distributed infrastructure which provides individuals digital credentials and certificates. These latter allow their owner to authenticate herself, prove her rights and gain access inside trusted organizations. The certificate usability scope is extended to contain more and more information, where someones can be considered as sensitive. Contrary to existing certificate standards, we aim to provide a flexible format of certificate enabling to disclose, to blind and to cipher any authorized part of a certificate according to the user context, environment and willing. In this paper, we define and describe a new certificate model called: ”X316” and we supply a security toolbox (i.e. X316 Signature, X316 Encryption and X316 Context) allowing its owner for managing her certificate freely according to contextual situation.
X316: 13Morph 1Access 16Pass. ”A” is the first letter of the alphabet...
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Zimmermann, P.R.: The Official PGP User’s Guide. MIT Press, Cambridge, MA, USA (1995)
ITU-T Simple public key infrastructure (SPKI) charter, http://www.ietf.org/html.charters/OLD/spki-charter.html
Seitz, L., Pierson, J.M., Brunie, L.: Semantic Access Control for Medical Applications in Grid Environments. In: A International Conference on Parallel and Distributed Computing, pp. 374–383 (August 2003)
Adams, C., Farrell, S.: RFC 2510: Internet X.509 Public Key Infrastructure: Certificate Management Protocols (March 1999)
Thompson, M.R., Essiari, A., Mudumbai, S.: Certificate-based authorization policy in a PKI environment. ACM Trans. Inf. Syst. Secur. 6, 4, 566–588 (2003)
ITU-T Rec. X.680, ISO/IEC 8824-1:2002 (2002), http://asn1.elibel.tm.fr/en/standards/index.htm
Micali, S., Rivest, R.: Transitive Signature Schemes. In: Proceedings of the the Cryptographer’s Track At the RSA Conference on Topics in Cryptology, Computer Science, February 2003, vol. 2271, pp. 236–243 (2003)
Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)
Brands, S.: A technical Overview of Digital Credentials. Research Report (February 2002)
Chadwick, D., Otenko, A.: The PERMIS X.509 Role Based Privilege Management Infrastructure. In: Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, June 2002, pp. 135–140. ACM Press, New York (2002)
Lorch, M., Adams, D., Kafura, D., et al.: The PRIMA System for Privilege Management, Authorization and Enforcement. In: Proceedings of the 4th International Workshop on Grid Computing (November 2003)
Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: XML-encryption syntax and processing. In: W3C Recommendation (February 2002), http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
Saadi, R., Pierson, J.M., Brunie, L.: (Dis)trust Certification Model for Large Access in Pervasive Environment. JPCC International Journal of Pervasive Computing and Communications 1(4), 289–299 (2005)
Saadi, R., Pierson, J.M., Brunie, L.: Authentication and Access Control Using Trust Collaboration in Pervasive Grid Environments. In: Proceedings of the International Conference in Grid and Pervasive Computing (to appear, 2007)
Imamura, T., Dillaway, B., Simon, E.: XML-signature syntax and processing. In: W3C Recommendation (December 2002), http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/
Orri, X., Mas, J.M.: SPKI-XML Certificate Structure Internet-Draft, Octalis SA (November 2001), http://www.ietf.org/internetdrafts/draft-orri-spki-xml-cert-struc-00.txt
Challenge-response authentication From Wikipedia, the free encyclopedia, http://en.wikipedia.org/wiki/Challenge-response_authentication
Steinfeld, R., Bull, L., Zheng, Y.: Content Extraction Signatures. In: Proceedings of 4th International Conference of Information Security and Cryptology, December 2001, pp. 285–2004 (2001)
Bull, L., Stanski, P., Squire, D.M.: Content extraction signatures using XML digital signatures and custom transforms on-demand. In: Proceedings of the 12th international Conference on World Wide Web, May 2003, pp. 170–177 (2003)
Ejigu, D., Scuturici, M., Brunie, L.: CoCA: A Collaborative Context-Aware Service Platform for Pervasive Computing. In: The proceedings of the IEEE/CS International Conference on Information Technology: New Generations (to appear, May 2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Saadi, R., Pierson, J.M., Brunie, L. (2007). X316 Security Toolbox for New Generation of Certificate . In: Lambrinoudakis, C., Pernul, G., Tjoa, A.M. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2007. Lecture Notes in Computer Science, vol 4657. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74409-2_27
Download citation
DOI: https://doi.org/10.1007/978-3-540-74409-2_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74408-5
Online ISBN: 978-3-540-74409-2
eBook Packages: Computer ScienceComputer Science (R0)