Abstract
We present architecture for e-business applications that receive requests from a party over the Net, to allow the applications to make decisions relying on the credentials of the requesting party. Relying party applications will be provided with uniform interface to the credentials of the requesting party. This will allow use of simple, widely available credentials as well as more advanced credentials such as public key certificates, attribute certificates and ‘Negative’ credentials such as certificate revocation lists (CRL). The core of the architecture is a Credential Manager who will provide all credential management functions, including collection of credentials, providing uniform interface to credentials, and extracting semantics relevant to the relying party’s applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Blaze, J. Feigenbaum, J. Ioannidis and A. Keromytis, The KeyNote Trust-Management System, http://www.cis.upenn.edu/~angelos/keynote.html
M. Blaze, J. Feigenbaum, and J. Lacy, Decentralized Trust Management, In Proc. of the 17th Symposium on Security and Privacy, pp 164–173, 1996
A Technical Overview of the eccelerate.com Solution, from http://www.Eccelerate.com.
C. Ellison, “The nature of a usable PKI”, Computer Networks 31 (1999) pp. 823–830
Carl Ellison and Bruce Schneier, “10 Risks of PKI”, Computer Security Journal, v 16, n 1, 2000, pp. 1–7.
S. Farrell and R. Housley, An Internet Attribute Certificate Profile for Authorization. July 2000.
Overview Of Certification Systems: X.509, PKIX, CA, PGP and SKIP, by Ed Gerck. THE BELL, ISSN 1530-048X, July 2000, Vol. 1, No. 3, p. 8.
Access control meets Public Key Infrastructure, or: how to establish trust in strangers, A. Herzberg, Y. Mass, J. Mihaeli, D. Naor and Y. Ravid, IEEE Symp. on Security and Privacy, Oakland, California, May 2000.
Kohlas and U. Maurer, Reasoning about public-key certification-on bindings between entities and public keys, IEEE JSAC, vol. 18, no. 4, Apr, 2000.
Internet X.509 Public Key Infrastructure: Certificate Policy and Certification Practices, S. Chokani and W. Ford, March 1999.
Internet X.509 Public Key Infrastructure: Certificate and CRL Profile, R. Housley, W. Ford, N. Polk, D. Solo, Jan.1999.
SPKI Certificate Theory. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen. September 1999.
PICS: Internet Access Controls Without Censorship, Paul Resnick and Jim Miller, Communications of the ACM, 1996, vol. 39(10), pp. 87–93.
M. K. Reiter and S. G. Stubblebine. Path independence for authentication in large-scale systems. Proc. 4th ACM Conf. on Computer and Comm. Security, pp. 57–66, Apr. 1997
Simple Public Key Infrastructure (15), http://www.ietf.org/html.chapters/15-chapter.html
SSL 3.0 Specification, Netscape, http://home.netscape.com/eng/163/index.html
Trust Establishment toolkit, see at http://www.hrl.il.ibm.com/TrustEstablishment.
ITU-T Recommendation X.509 (1997 E): Information Technology-Open Systems Interconnection-The Directory: Authentication Framework, June 1997.
ITU-T recommendation X.509 ISO/IEC 9594-8: “Information technology-open systems interconnection-the directory: public-key and attribute certificate frameworks”.
XML Security Suite http://www.alphaworks.ibm.com/tech/xmlsecuritysuite
Extensible Markup Language W3C Recommendation: XML 1.0, http://www.w3.org/TR/WD-xml-lang.html.
P. Zimmerman, The Official PGP User’s Guide, MIT Press, Cambridge, 1995.
SET Secure Electronic Transaction http://www.setco.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Herzberg, A., Mass, Y. (2001). Relying Party Credentials Framework. In: Naccache, D. (eds) Topics in Cryptology — CT-RSA 2001. CT-RSA 2001. Lecture Notes in Computer Science, vol 2020. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45353-9_25
Download citation
DOI: https://doi.org/10.1007/3-540-45353-9_25
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41898-6
Online ISBN: 978-3-540-45353-6
eBook Packages: Springer Book Archive