Yki Kortesniemi, Tero Hasu, Jonna Särs  Home/Search
Context Related
| tcm.hut.fi/Research/TeS...revocation.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: tcm.hut.fi/Research/TeSSA/Pape... (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: In distributed systems, the access control mechanism is often modeled after stand-alone solutions, such as ACLs. Such arrangement, however, is not ideal as the system may be mirrored around the world and maintaining the ACLs becomes a problem. A new approach to this problem is using authorisation certi cates to control access to resources. This diminishes management overhead, but introduces problems with revocation. A related problem is enforcing quotas in distributed systems. Traditionally,... (Update)
Context of citations to this paper: More
.... If validity elements contain certificate revocation lists or on line tests, the intersection determination is more complicated, see [14]. The original SPKI theory [4] defines the authorization reduction in the same way, so that the intersection is computed in an application...
Cited by: More
Internet access through WLAN with XML encoded SPKI.. - Koponen, Nikander.. (2000) (Correct)
Active bibliography (related documents): More All
1.1: Implementing an SPKI Certificate Repository within the DNS - Hasu, Kortesniemi (2000) (Correct)
0.5: Privacy And Accountability In Certificate Systems - Aura, Ellison (2000) (Correct)
0.3: Implementation Considerations for the Typed Access Matrix.. - Sandhu, Suri (1992) (Correct)
Similar documents based on text: More All
2.3: Certificate Revocation and Certificate Update - Naor, Nissim (1998) (Correct)
1.0: Efficient Certificate Revocation - Micali (1996) (Correct)
0.7: Evaluating Revocation Management in SPKI from a.. - Karvonen.. (2001) (Correct)
Related documents from co-citation: More All
2: Internet Engineering Task Force (context) - Ellison, Frantz et al. - 1999
BibTeX entry: (Update)
Kortesniemi, Y., Hasu, T. and Sars, J., "A revocation, validation and authentication protocol for SPKI based delegation systems," in Proceedings of Network and Distributed System Security Symposium (NDSS 2000), 2-4 February 2000, San Diego, California. http://citeseer.ist.psu.edu/kortesniemi00revocation.html More
@misc{ kortesniemi00revocation,
author = "Y. Kortesniemi and T. Hasu and J. Sars",
title = "A revocation, validation and authentication protocol for SPKI based delegation
systems",
text = "Kortesniemi, Y., Hasu, T. and Sars, J., A revocation, validation and authentication
protocol for SPKI based delegation systems, in Proceedings of Network and
Distributed System Security Symposium (NDSS 2000), 2-4 February 2000, San
Diego, California.",
year = "2000",
url = "citeseer.ist.psu.edu/kortesniemi00revocation.html" }
Citations (may not include all citations):305 Decentralized trust management - Blaze, Feigenbaum et al. - 1996
124 Internet Security Association and Key Management Protocol - Maughan, Schertler et al. - 1998
59 The Internet Key Exchange (context) - Harkins, Carrel - 1998
58 The Oakley key determination protocol - Orman - 1998
51 SKEME: A versatile secure key exchange mechanism for Interne.. - Krawczyk - 1996
41 Internet public key infrastructure Online Certi cate Status .. (context) - Myers, Ankney et al. - 1999
26 Recent-secure authentication: Enforcing revocation in distri.. - Stubblebine - 1995
15 A simple distributed security infrastructure (context) - Rivest, Lampson
15 A simple distributed security infrastructure (context) - Rivest, Lampson - 1996
3 Simple public key certi cate (context) - Ellison, Franz et al. - 1998
3 A distributed implementation of the extended schematic prote.. - Ammann, Sandhu et al. - 1991
2 Uniform Resource Identi ers (context) - Berners-Lee, Fielding et al. - 1998
2 and Tatu Ylnen (context) - Ellison, Franz et al. - 1999
1 An extended capabilities architecture to enforce dynamic acc.. (context) - Kao, Chow - 1996
1 An access control model and its use in representing mental h.. (context) - Varadharajan, Calvelli - 1996
1 cate revocation system (context) - Micali - 1997
1 Can we eliminate certi cate revocation lists (context) - Rivest - 1998
1 Representation of mental health application access policy in.. (context) - Calvelli, Varadharajan - 1993
1 Approaches to secure delegation in distributed systems (context) - Hardjono, Ohta - 1993
1 Modeling the risks and costs of digitally signed certi cates.. (context) - Simpson - 1996
1 cate revocation and certi cate update (context) - Naor, Nissim - 1998
Documents on the same site (http://www.tcm.hut.fi/Research/TeSSA/Papers/): More
An Architecture for Authorization and Delegation in Distributed.. - Nikander (1999) (Correct)
User-Centered Design of Secure Software - Holmström (1999) (Correct)
Implementing an SPKI Certificate Repository within the DNS - Hasu, Kortesniemi (2000) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC