Sciweavers

IDTRUST
2010
ACM

Computational techniques for increasing PKI policy comprehension by human analysts

14 years 7 months ago
Computational techniques for increasing PKI policy comprehension by human analysts
Natural-language policies found in X.509 PKI describe an organization’s stated policy as a set of requirements for trust. The widespread use of X.509 underscores the importance of understanding these requirements. Although many review processes are defined in terms of the semantic structure of these policies, human analysts are confined to working with page-oriented PDF texts. Our research accelerates PKI operations by enabling machines to translate between policy page numbers and policy reference structure. Adapting technologies supporting the analysis of Classical texts, we introduce two new tools. Our Vertical Variance Reporter helps analysts efficiently compare the reference structure of two policies. Our Citation-Aware HTML enables machines to process human-readable displays of policies in terms of this reference structure. We evaluate these contributions in terms of real-world feedback and observations from organizations that audit or accredit policies. Categories and Subjec...
Gabriel A. Weaver, Scott A. Rea, Sean W. Smith
Added 17 May 2010
Updated 17 May 2010
Type Conference
Year 2010
Where IDTRUST
Authors Gabriel A. Weaver, Scott A. Rea, Sean W. Smith
Comments (0)