Active Certificates: A Framework for Delegation

In this paper, we present a novel approach to delegation in computer systems. We exploit mobile code capabilities of today’s systems to build active certificates: cryptographically signed mobile agents that implement delegation policy. Active certificates arrive at a new combination of properties, including expressivity, transparency, and offline operation, that is not available in existing systems. These properties make active certificates powerful tools to express delegation. Active certificates can also be used as a mechanism to implement complex policy systems, such as public key infrastructures; systems built in this way are easily extensible and interoperable. A prototype implementation of active certificates has been built as part of the Ninja [17] project.

[1] David E. Culler et al. A composable framework for secure multi-modal access to Internet services from post-PC devices. Proceedings Third IEEE Workshop on Mobile Computing Systems and Applications, 2000.

[2] Ronald L. Rivest et al. Can We Eliminate Certificate Revocation Lists? Financial Cryptography, 1998.

[3] Eric A. Brewer et al. NinjaMail: the design of a high-performance clustered, distributed e-mail system. Proceedings 2000 International Workshop on Parallel Processing, 2000.

[4] David E. Culler et al. The multispace: an evolutionary platform for infrastructural services. 1999.

[5] Financial Cryptography. Lecture Notes in Computer Science, 1997.

[6] Steven Tuecke et al. Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile. RFC, 2004.

[7] Ronald L. Rivest et al. Certificate Chain Discovery in SPKI/SDSI. Journal of Computer Security, 2002.

[8] Paul C. Kocher. On Certificate Revocation and Validation. Financial Cryptography, 1998.

[9] David A. Wagner et al. The Ninja Jukebox. USENIX Symposium on Internet Technologies and Systems, 1999.

[10] Andrew W. Appel et al. Proof-carrying authentication. CCS '99, 1999.

[11] David E. Culler et al. A Composable Framework for Secure Multi-Modal Access to Internet Services from Post-PC Devices. Mobile Networks and Applications, 2002.

[12] Dan S. Wallach et al. Termination in language-based systems. TSEC, 2002.

[13] Frank Pfenning et al. System Description: Twelf - A Meta-Logical Framework for Deductive Systems. CADE, 1999.

[14] Butler W. Lampson et al. SPKI Certificate Theory. RFC, 1999.

[15] Guy L. Steele et al. The Java Language Specification. 1996.

[16] Armando Fox et al. Security on the move: indirect authentication using Kerberos. MobiCom '96, 1996.

[17] Wilson C. Hsieh et al. Processes in KaffeOS: isolation, resource management, and sharing in Java. OSDI, 2000.

[18] Ben Y. Zhao et al. The Ninja architecture for robust Internet-scale systems and services. Computer Networks, 2001.

[19] Jon Howell et al. A Formal Semantics for SPKI. ESORICS, 2000.

[20] Joan Feigenbaum et al. Compliance Checking in the PolicyMaker Trust Management System. Financial Cryptography, 1998.

[21] Jeffrey D. Ullman et al. Protection in operating systems. CACM, 1976.

[22] Moni Naor et al. Certificate revocation and certificate update. IEEE Journal on Selected Areas in Communications, 1998.

[23] Martín Abadi et al. A Calculus for Access Control in Distributed Systems. CRYPTO, 1991.

[24] D. Box et al. Simple Object Access Protocol (SOAP) 1.1. 2000.

[25] S. Gribble et al. Adapting to Network and Client Variation Using Active Proxies: Lessons and Perspectives. 1998.

[26] Joan Feigenbaum et al. Decentralized trust management. Proceedings 1996 IEEE Symposium on Security and Privacy, 1996.

[27] Amir Pnueli et al. Translation Validation. TACAS, 1998.

[28] Richard J. Lipton et al. A Linear time algorithm for deciding security. 17th Annual Symposium on Foundations of Computer Science (SFCS 1976), 1976.