A new design of privilege management infrastructure with binding signature semantics


Bicakci K., Baykal N.

PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS, cilt.3093, ss.306-313, 2004 (SCI İndekslerine Giren Dergi) identifier identifier

  • Cilt numarası: 3093
  • Basım Tarihi: 2004
  • Dergi Adı: PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS
  • Sayfa Sayıları: ss.306-313

Özet

Just like PKI, used to support public key certificates, Privilege Management Infrastructure (PMI) is built to provide a foundation to employ attribute certificates. Although most of the PKI ideas can be applied to PMI as well, PMI has some unique characteristics for instance it should handle attributes containing confidential information. Motivating by this fact, Dawson et al. recently proposed a new PMI design for those who would like to use the outsourced PKI but keep the PMI management inside the organization. In this paper, we propose an alternative design to have a more fine-grained control over attribute certificates. Immediate revocation and simplified verification are two big advantages of our approach.