论文信息 - A New Design of Privilege Management Infrastructure with Binding Signature Semantics

A New Design of Privilege Management Infrastructure with Binding Signature Semantics

Just like PKI, used to support public key certificates, Privilege Management Infrastructure (PMI) is built to provide a foundation to employ attribute certificates. Although most of the PKI ideas can be applied to PMI as well, PMI has some unique characteristics for instance it should handle attributes containing confidential information. Motivating by this fact, Dawson et al. recently proposed a new PMI design for those who would like to use the outsourced PKI but keep the PMI management inside the organization. In this paper, we propose an alternative design to have a more fine-grained control over attribute certificates. Immediate revocation and simplified verification are two big advantages of our approach.

Kemal Bicakci | Nazife Baykal

[1] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[2] Carlisle M. Adams,et al. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP , 1999, RFC.

[3] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[4] Tatsuaki Okamoto. Topics in Cryptology – CT-RSA 2004 , 2004, Lecture Notes in Computer Science.

[5] Ed Dawson,et al. A New Design of Privilege Management Infrastructure for Organizations Using Outsourced PKI , 2002, ISC.

[6] Kemal Bicakci,et al. Server Assisted Signatures Revisited , 2004, CT-RSA.

[7] Peter Pharow,et al. Applications in health care using public-key certificates and attribute certificates , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[8] Dan Boneh,et al. Fine-grained control of security capabilities , 2004, TOIT.

[9] Gene Tsudik,et al. Simple Identity-Based Cryptography with Mediated RSA , 2003, CT-RSA.

[10] Marc Joye,et al. Topics in Cryptology — CT-RSA 2003 , 2003 .