Implementation of an Agent-Oriented Trust Management Infrastructure Based on a Hybrid PKI Model

  • Conference paper
Trust Management (iTrust 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2692)

Abstract

Access control in modern computing environments is different from access control in the traditional setting of operating systems. For distributed computing systems, specification and enforcement of permissions can be based on a public key infrastructure which deals with public keys for asymmetric cryptography. Previous approaches and their implementations for applying a public key infrastructure are classified as based either on trusted authorities with licencing or on owners with delegations. We present the architecture and main features of a trust management infrastructure based on a hybrid model which unifies and extends the previous public key infrastructure approaches. The trust management infrastructure constitutes a flexible framework for experimenting with the applications of different trust models.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Karabulut, Y. (2003). Implementation of an Agent-Oriented Trust Management Infrastructure Based on a Hybrid PKI Model. In: Nixon, P., Terzis, S. (eds) Trust Management. iTrust 2003. Lecture Notes in Computer Science, vol 2692. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44875-6_23

  • DOI: https://doi.org/10.1007/3-540-44875-6_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40224-4

  • Online ISBN: 978-3-540-44875-4

  • eBook Packages: Springer Book Archive
