Delegation Issuing Service

Chadwick, David W. (2005) Delegation Issuing Service. In: NIST 4th Annual PKI Workshop. , Gaithersberg, USA pp. 62-73. (Full text available)

PDF
Download (191kB)
[img]
Preview

Abstract

This paper describes the concept of a delegation issuing service (DIS), which is a service that issues X.509 attribute certificates on behalf of an attribute authority (typically a manager). The paper defines the X.509 certificate extensions that are being proposed for the 2005 edition of X.509 in order to implement the DIS concept, as well as the additional steps that a relying party will need to undertake when validating certificates issued in this way. The paper also presents our initial experiences of designing a DIS to add to the PERMIS authorization infrastructure. The paper concludes by reviewing some of the previous standards work in delegation of authority and anticipating some of the further standardization work that is still required in the field of privilege management.

Item Type: Conference or workshop item (Paper)
Additional information: Available from : http://middleware.internet2.edu/pki05/proceedings/chadwick-delegation-issuing.pdf
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Faculties > Science Technology and Medical Studies > School of Computing > Systems Architecture Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:03
Last Modified: 06 Sep 2011 01:29
Resource URI: http://kar.kent.ac.uk/id/eprint/14342 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year