About This Item

Ask the MINDS@UW Librarian

Distributed Certificate-Chain Discovery in SPKI/SDSI

Show full item record

File(s):

Author(s)
Schwoon, Stefan; Wang, Hao; Jha, Somesh; Reps, Thomas
Publisher
University of Wisconsin-Madison Department of Computer Sciences
Date
Mar 15, 2012
Abstract
The authorization problem is to decide whether, according to a security policy, some principal should be allowed access to a resource. In the trust-management system SPKI/SDSI, the security policy is given by a set of certificates, and proofs of authorization take the form of certificate chains. The certificate-chain-discovery problem is to discover a proof of authorization for a given request. Although certificate-chain-discovery algorithms for SPKI/SDSI have been investigated by several researchers, previous work did not address how to perform certificate-chain discovery in distributed environments. We address the certificate-chain-discovery problem where the certificates are distributed over a number of sites, which then have to cooperate to identify the proof of authorization for a given request. We propose two protocols for this purpose. These protocols can also handle cases where certificates are labeled with weights and where multiple certificate chains must be combined to form a proof of authorization. We have implemented these protocols in a prototype and report preliminary results of our evaluation.
Permanent link
http://digital.library.wisc.edu/1793/60438 
Export
Export to RefWorks 
‚Äč

Part of

Show full item record

Search and browse




About MINDS@UW

Deposit materials

  1. Register to deposit in MINDS@UW
  2. Need deposit privileges? Contact us.
  3. Already registered? Have deposit privileges? Deposit materials.