Dynamics in Delegation and Revocation Schemes: A Logical Approach

Guillaume, Aucher; Steve, Barker; Boella, Guido; Genovese, Valerio; Leendert van der Torre,

Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) can respectively be used to support authentication and authorization in distributed scenarios. The validation of certificate chains is a critical issue in both infrastructures, because it requires several costly processes, such as certificate path discovery, validation of each certificate, and so on. The problem becomes even worst in devices with limited resources (battery, memory, computational capacity, etc.) as mobile devices. In this paper we present an architecture that reduces the communication and computational overhead of certificate status checking in a complete certificate chain. The proposed tracing of the certificates chains is based on a cascade certificate revocation policy.

Titolo:	Dynamics in Delegation and Revocation Schemes: A Logical Approach
Autori Riconosciuti:	Guillaume Aucher Steve Barker BOELLA, Guido Genovese, Valerio Leendert van der Torre mostra contributor esterni nascondi contributor esterni
Autori:	Guillaume Aucher; Steve Barker; Guido Boella; Valerio Genovese; Leendert van der Torre
Data di pubblicazione:	2011
Abstract:	Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) can respectively be used to support authentication and authorization in distributed scenarios. The validation of certificate chains is a critical issue in both infrastructures, because it requires several costly processes, such as certificate path discovery, validation of each certificate, and so on. The problem becomes even worst in devices with limited resources (battery, memory, computational capacity, etc.) as mobile devices. In this paper we present an architecture that reduces the communication and computational overhead of certificate status checking in a complete certificate chain. The proposed tracing of the certificates chains is based on a cascade certificate revocation policy.
Editore:	Yingjiu Li
Titolo del libro:	Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011, Richmond, VA, USA, July 11-13, 2011. Proceedings
Volume:	6818
Pagina iniziale:	90
Pagina finale:	105
Nome del convegno:	Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011
Luogo del convegno:	Richmond, VA, USA
Anno del convegno:	11/07/11-13/07/11
ISBN:	9783642223471
Appare nelle tipologie:	04A-Conference paper in volume

File in questo prodotto:

Non ci sono file associati a questo prodotto.

Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/2318/94980

Citazioni

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

CINECA IRIS Institutional Research Information System

File in questo prodotto: