Sciweavers

IADIS
2004

Preliminary Steps in Designing and Implementing a Privilege Verifier for PMI

14 years 28 days ago
Preliminary Steps in Designing and Implementing a Privilege Verifier for PMI
We have designed and deployed a system that uses X.509 public-key certificates (PKC) and attribute certificates (AC) for access control. This includes an authorization service for on-line environments where clients are identified by X.509 PKCs and their privileges are expressed with X.509 ACs. During a request to a protected resource, a privilege verifier decides if the user satisfies all the requirements to get access to the controlled resource. In this paper we focus on the steps to be performed by the privilege verifier, which is the entity in charge of validating both the PKCs and the ACs involved. The validation of PKCs and of ACs are two separate tasks but they are closely related. In our system we have identified two distinct entities: the privilege verifier whose task is to validate ACs, and the certificate validation server, whose task is to validate the PKCs. The validation of PKC is more complex, and it thus can be implemented and provided as a service by a dedicated author...
Diana Berbecaru, Antonio Lioy
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where IADIS
Authors Diana Berbecaru, Antonio Lioy
Comments (0)