A new design of privilege management infrastructure with binding signature semantics


Bicakci K., Baykal N.

PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS, vol.3093, pp.306-313, 2004 (Journal Indexed in SCI) identifier identifier

  • Publication Type: Article / Article
  • Volume: 3093
  • Publication Date: 2004
  • Title of Journal : PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS
  • Page Numbers: pp.306-313

Abstract

Just like PKI, used to support public key certificates, Privilege Management Infrastructure (PMI) is built to provide a foundation to employ attribute certificates. Although most of the PKI ideas can be applied to PMI as well, PMI has some unique characteristics for instance it should handle attributes containing confidential information. Motivating by this fact, Dawson et al. recently proposed a new PMI design for those who would like to use the outsourced PKI but keep the PMI management inside the organization. In this paper, we propose an alternative design to have a more fine-grained control over attribute certificates. Immediate revocation and simplified verification are two big advantages of our approach.