Smart Certi cates: Extending X.509 for Secure Attribute Service on the Web (1999) [3 citations — 3 self]
Abstract:
ABSTRACT: An attribute is a particular property of an entity, such as a role, access identity, group, or clearance. If attributes are provided integrity, authentication, and con dentiality, Web servers can then trust these secure attributes and use them for many purposes, such as access control, authorization, authentication, and electronic transactions. In this paper, we present a comprehensive approach to secure attribute services on the Web. We identify the user-pull and server-pull models and analyze their advantages and disadvantages. To support these models on the Web, we extend X.509 certi cates, which are already in widespread current use. We name these extended X.509 certi-cates smart certi cates. Smart certi cates have several sophisticated features: they support short-lived lifetime and multiple CAs, contain attributes, provide postdated and renewable certi cates, and provide con dentiality. This paper also discusses possible applications of smart certi cates on the Web.
Citations
| 556 | Kerberos: An Authentication Service for Open Network Systems – Steiner, Neuman, et al. - 1988 |
| 85 | Constraints for Role-Based Access Control – Chen, Sandhu - 1995 |
| 83 | Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. Network Working Group Request for Comments RFC-3280, RSA Laboratories – Housley - 2002 |
| 58 | Analysis of the SSL 3.0 protocol – Wagner, Schneier - 1996 |
| 12 | RBAC on the Web by Secure Cookies – Park, Sandhu, et al. - 1999 |
| 8 | An Intranet Security Framework Based on Short-Lived Certificates – Hsu, Seymour - 1998 |
| 4 | ord Neuman. Using Kerberos for authentication on computer networks – Cli - 1994 |
| 2 | RBAC on the web by smart certi cates – Park, Sandhu - 1999 |
| 1 | An Internet AttributeCerti cate pro le for Authorization – Farrell - 1998 |
| 1 | TLS extensions for AttributeCerti cate based authorization – Farrell - 1998 |
