About This Item

Ask the MINDS@UW Librarian

Reducing the Dependence of Trust-Management Systems on PKI

Show full item record

File(s):

Author(s)
Wang, Hao; Jha, Somesh; Reps, Thomas; Schwoon, Stefan; Stubblebine, Stuart
Publisher
University of Wisconsin-Madison Department of Computer Sciences
Citation
TR1527
Date
2005
Abstract
Trust-management systems address the authorization problem in distributed systems by defining a formal language for expressing authorization and access-control policies, and relying on an algorithm to determine when a specific request can be granted. For authorization in distributed systems, trust-management systems offer several advantages over other approaches, such as support for delegation and making authorization decisions in a decentralized manner. This paper focuses on a popular trust-management system SPKI/SDSI. Although SPKI/SDSI is an attractive system for authorization in distributed systems, it has seen limited deployment. One of the major hurdles in deploying SPKI/SDSI is that it is PKI-based, i.e., every principal is required to have a public-private key pair. We present an approach that combines SPKI/SDSI with a widely-deployed authentication system, Kerberos, to reduce reliance of SPKI/SDSI on PKI. In our approach, only sites need public-private key pairs. We believe that reducing the reliance of SPKI/SDSI on PKI will facilitate its wider deployment. We also have implemented a prototype of our technique.
Permanent link
http://digital.library.wisc.edu/1793/60440 
Export
Export to RefWorks 
‚Äč

Part of

Show full item record

Search and browse




About MINDS@UW

Deposit materials

  1. Register to deposit in MINDS@UW
  2. Need deposit privileges? Contact us.
  3. Already registered? Have deposit privileges? Deposit materials.