An authorization model for a public key management service

Public key management has received considerable attention from both the research and commercial communities as a useful primitive for secure electronic commerce and secure communication. While the mechanics of certifying and revoking public keys and escrowing and recovering private keys have been widely explored, less attention has been paid to access control frameworks for regulating access to stored keys by different parties. In this article we propose such a framework for a key management service that supports public key registration, lookup, and revocation, and private key escrow, protected use (e.g., to decrypt selected messages), and recovery. We propose an access control model using a policy based on principal, ownership, and authority relationships on keys. The model allows owners to grant to others (and revoke) privileges to execute various actions on their keys. The simple authorization language is very expressive, enabling the specification of authorizations for composite subjects that can be fully specified (ground) or partially specified, thus making the authorizations applicable to all subjects satisfying some conditions. We illustrate how the access control policy and the authorizations can easily be expressed through a simple and restricted, hence efficiently computable, form of logic language.

[1]  Ravi Ganesan,et al.  How to use key escrow , 1996, CACM.

[2]  Silvio Micali,et al.  Fair Public-Key Cryptosystems , 1992, CRYPTO.

[3]  Peter J. Denning,et al.  Data Security , 1979, CSUR.

[4]  Marianne Winslett,et al.  Using Digital Credentials on the World Wide Web , 1997, J. Comput. Secur..

[5]  B. Lampson,et al.  Authentication in distributed systems: theory and practice , 1991, TOCS.

[6]  Martín Abadi,et al.  A Calculus for Access Control in Distributed Systems , 1991, CRYPTO.

[7]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[8]  Gail-Joon Ahn,et al.  Role-based access control on the web , 2001, TSEC.

[9]  Sushil Jajodia,et al.  Flexible support for multiple access control policies , 2001, TODS.

[10]  David Alan Hanson,et al.  Data security , 1979, ACM-SE 17.

[11]  Ravi Ganesan,et al.  Yaksha: augmenting Kerberos with public key cryptography , 1995, Proceedings of the Symposium on Network and Distributed System Security.

[12]  Matthew K. Franklin,et al.  The Ω key management service , 1996, CCS '96.

[13]  Ravi Ganesan,et al.  How to Use Key Escrow (Introduction to the Special Section). , 1996 .

[14]  Ravi S. Sandhu,et al.  Binding identities and attributes using digitally signed certificates , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[15]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[16]  Martín Abadi,et al.  A calculus for access control in distributed systems , 1991, TOPL.

[17]  Simon S. Lam,et al.  Authorizations in Distributed Systems: A New Approach , 1993, J. Comput. Secur..

[18]  Joan Feigenbaum,et al.  A logic-based knowledge representation for authorization with delegation , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[19]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[20]  Sabrina De Capitani di Vimercati,et al.  Access Control: Policies, Models, and Mechanisms , 2000, FOSAD.

[21]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[22]  Ueli Maurer,et al.  Modelling a Public-Key Infrastructure , 1996, ESORICS.

[23]  P. V. McMahon SESAME V2 public key and authorisation extensions to Kerberos , 1995, Proceedings of the Symposium on Network and Distributed System Security.

[24]  Matthew K. Franklin,et al.  The Omega Key Management Service , 1996, J. Comput. Secur..