论文信息 - New security services based on PKI

New security services based on PKI

The basic job of a Public Key Infrastructure, PKI for short, is to define the mechanisms used both to allow a recipient of a signed message to trust a digital signature and to allow a sender to find the encryption key for a recipient. It is comprised of those elements needed to manage and enable the effective use of public key cryptography technology, particularly on a medium and large scale. Nowadays, PKIs are being considered as a key element for providing security to new distributed communication networks and services. In this paper, we describe two of these innovative security services built over our own designed and implemented Java IPv6 PKI: a distributed security policy management architecture and a distributed credential management system.

Antonio F. Gómez-Skarmeta | Óscar Cánovas Reverte | Gregorio Martínez Pérez | G. Pérez | A. Gómez-Skarmeta

[1] Keith McCloghrie,et al. COPS Usage for Policy Provisioning , 1999 .

[2] Tero Hasu,et al. A Revocation, Validation and Authentication Protocol for SPKI Based Delegation Systems , 2000, NDSS.

[3] Jean-Emile Elien,et al. Certificate discovery using SPKI/SDSI 2.0 certificates , 1998 .

[4] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[5] Butler W. Lampson,et al. Simple Public Key Certificate , 1998 .

[6] Kenneth P. Birman,et al. Dynamic Virtual Private Networks , 1997 .

[7] Paul McKee,et al. Policy-based management for ALAN-enabled networks , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[8] Tero Hasu,et al. Implementing an SPKI Certificate Repository within the DNS , 2000 .

[9] Butler W. Lampson,et al. SPKI Certificate Theory , 1999, RFC.

[10] Jim Boyle,et al. Accept-Ranges : bytes Content-Length : 55967 Connection : close Content-Type : text / plain Internet Draft , 2012 .

[11] Ronald L. Rivest,et al. SDSI - A Simple Distributed Security Infrastructure , 1996 .

[12] Carlisle M. Adams,et al. Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) , 2001, RFC.

[13] Óscar Cánovas,et al. A Distributed Credential Management System for SPKI-based Delegation Systems , 2002 .