SDSI - A Simple Distributed Security Infrastructure

We propose a new distributed security infrastructure, called SDSI (pronounced “Sudsy”). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing group-membership certificates. SDSI’s groups provides simple, clear terminology for defining access-control lists and security policies. SDSI’s design emphasizes linked local name spaces rather than a hierarchical global name space.

[1]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[2]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[3]  Stephen T. Kent,et al.  Internet Privacy Enhanced Mail , 1993, CACM.

[4]  James H. Burrows,et al.  Secure Hash Standard , 1995 .

[5]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[6]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[7]  Donald E. Eastlake,et al.  Domain Name System Security Extensions , 1997, RFC.