The Shibboleth middleware from Internet2 provides a way for users at higher-education institutions to access remote electronic content in compliance with the inter-institutional license agreements that govern such access. To protect end-user privacy, Shibboleth permits users to construct attribute release policies that control what user credentials a given content provider can obtain. However, Shibboleth leaves unspecified how to construct these policies. To be effective, a solution needs to accommodate the typical nature of a university: a set of decentralized fiefdoms. This need argues for a public-key infrastructure (PKI) approach--since public-key cryptography does not require parties to agree on a secret beforehand, and parties distributed throughout the institution are unlikely to agree on anything. However, this need also argues against the strict hierarchical structure of traditional PKI--policy in different fiefdoms will be decided differently, and originate within the fiefdom...
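To make the attribute-release idea concrete, here is an added Python example (not code from the paper or from the Shibboleth project) of a per-department release policy evaluator. It models the decentralized setting the abstract describes: each department that issues an attribute publishes its own rules, there is no central policy authority, and an attribute whose issuing department has no policy is never released. The rule format, the department and attribute names, and the sample user are all constructed for illustration and are not Shibboleth's actual ARP syntax; the public-key verification of each department's policy that a PKI deployment would add is outside this snippet.

```python
from dataclasses import dataclass
from fnmatch import fnmatch

# Constructed policy model (hypothetical, not Shibboleth's ARP format).
# A Rule matches a requesting content provider by glob and an attribute by glob.


@dataclass(frozen=True)
class Rule:
    requester: str   # glob over the provider identifier, e.g. "*.publisher.example"
    attribute: str   # attribute name or "*"
    release: bool    # True = permit, False = deny


@dataclass(frozen=True)
class Policy:
    department: str  # the fiefdom that issued the attribute and owns this policy
    rules: tuple


def decide(policy: Policy, requester: str, attribute: str) -> bool:
    """Default-deny, deny-overrides evaluation of one department's policy."""
    matched = [
        r for r in policy.rules
        if fnmatch(requester, r.requester) and fnmatch(attribute, r.attribute)
    ]
    if not matched:
        return False                      # no rule speaks: do not release
    return all(r.release for r in matched)  # any explicit deny wins


def release_attributes(attributes, policies, requester: str) -> dict:
    """Return only the attributes the issuing departments permit for this requester.

    attributes: iterable of (name, value, issuing_department)
    policies:   mapping department -> Policy published by that department
    """
    released = {}
    for name, value, department in attributes:
        policy = policies.get(department)
        if policy is None:
            continue                      # unknown or silent issuer: release nothing
        if decide(policy, requester, name):
            released[name] = value
    return released


# Constructed sample user: each attribute carries the department that asserted it.
SAMPLE_ATTRS = (
    ("eduPersonAffiliation", "student", "registrar"),
    ("eduPersonPrincipalName", "jdoe@univ.example", "registrar"),
    ("libraryPatronId", "L-1234", "library"),
    ("medicalRecordFlag", "true", "health"),
    ("teamRoster", "varsity", "athletics"),   # athletics has published no policy
)

# Constructed policies: decided independently by each department.
POLICIES = {
    "registrar": Policy("registrar", (
        Rule("*", "eduPersonAffiliation", True),
        Rule("sso.publisher.example", "eduPersonPrincipalName", True),
    )),
    "library": Policy("library", (
        Rule("*.publisher.example", "libraryPatronId", True),
        Rule("ads.publisher.example", "*", False),   # explicit deny overrides
    )),
    "health": Policy("health", ()),                  # releases nothing to anyone
}

if __name__ == "__main__":
    for provider in ("journals.publisher.example", "ads.publisher.example",
                     "sso.publisher.example"):
        print(provider, "->", release_attributes(SAMPLE_ATTRS, POLICIES, provider))
```

Running the script shows the journals provider receiving only the affiliation and library patron id, the ads provider losing the patron id to the library's deny rule, and the health and athletics attributes never leaving the institution because no permitting policy exists for them.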
Sidharth Nazareth, Sean W. Smith