Active certificates: A framework for delegation (2002) [4 citations — 0 self]

Download:
pdf | ps

by Nikita Borisov, Eric Brewer

In NDSS. The Internet Society

http://www.isoc.org/isoc/conferences/ndss/02/proceedings/papers/boriso.ps

Add To MetaCart

Popular Tags

No tags have been applied to this document.

BibTeX | Add To MetaCart

@INPROCEEDINGS{Borisov02activecertificates:,
    author = {Nikita Borisov and Eric Brewer},
    title = {Active certificates: A framework for delegation},
    booktitle = {In NDSS. The Internet Society},
    year = {2002},
    pages = {2--8}
}

Years of Citing Articles

Abstract:

In this paper, we present a novel approach to delegation in computer systems. We exploit mobile code capabilities of today's systems to build active certificates: cryptographically signed mobile agents that implement delegation policy. Active certificates arrive at a new combination of properties, including expressivity, transparency, and offline operation, that is not available in existing systems. These properties make active certificates powerful tools to express delegation. Active certificates can also be used as a mechanism to implement complex policy systems, such as public key infrastructures; systems built in this way are easily extensible and interoperable. A prototype implementation of active certificates has been built as part of the Ninja [17] project. 1

Citations

1416	The Java Language Specification – Gosling, Joy, et al. - 1996
570	Decentralized Trust Management – Blaze, Feigenbaum, et al. - 1996
236	A calculus for access control in distributed systems – Abadi, Burrows, et al. - 1993
215	On Protection in Operating Systems – Harrison, Ruzzo, et al. - 1975
186	C.: System description: Twelf - a meta-logical framework for deductive systems,Proceedings of the 16th International Conference on Automated Deduction (CADE-16 – Pfenning, Schurmann - 1999
144	The Ninja architecture for robust Internet-scale systems and services – Gribble, Welsh, et al. - 2001
111	Proof-carrying authentication – Appel, Felten - 1999
98	Adapting to Network and Client Variation Using Active Proxies: Lessons and Perspectives – Fox, Gribble, et al. - 1998
94	Certificate revocation and certificate update – Naor, Nissim - 2000
78	The MultiSpace: an Evolutionary Platform for Infrastructural Services – Gribble - 1999
71	Translation validation – Pnueli, Siegel, et al. - 1384
69	Efficient certificate revocation – Micali - 1996
67	On certificate revocation and validation – Kocher
64	Compliance checking in the PolicyMaker trust management system – Blaze, Feigenbaum, et al. - 1998
60	Inside Java 2 Platform Security – Gong - 1999
54	Processes in KaffeOS: Isolation, resource management, and sharing in Java – Back, Hsieh, et al. - 2000
54	Can we eliminate certificate revocation lists – Rivest - 1998
50	Security on the move: Indirect authentication using Kerberos – Fox, Gribble - 1996
32	A formal semantics for SPKI – Howell, Kotz - 2000
28	A Linear Time Algorithm for Deciding Security – Jones, Lipton, et al. - 1976
23	The Ninja Jukebox – Goldberg, Gribble, et al. - 1999
21	Termination in language-based systems – Rudys, Wallach - 2002
16	M: Internet X.509 public key infrastructure (PKI) proxy certificate profile – Tuecke, Welch, et al.
11	A Composable Framework for Secure Multi-Modal Access to Internet Services from PostPC – Ross - 2000
5	Simple object access protocol (SOAP – Consortium
5	NinjaMail: The Design of a HighPerformance Clustered, Distributed E-Mail System – Behren, Czerwinski, et al. - 2000
3	X.509 style guide – Gutmann - 2000
1	The TLS prtocol version 1.0. RFC2246 – Dierks, Allen - 1999
1	Procmail - autonomous mail processor. http://www.procmail.org – Berg

View or Download | Add to My Collection | Correct Errors