Preliminary steps in designing and implementing a privilege verifier for PMI
October 17, 2019 Β· Declared Dead Β· π International Conference WWW/Internet
"No code URL or promise found in abstract"
Evidence collected by the PWNC Scanner
Authors
Diana Berbecaru, Antonio Lioy
arXiv ID
1910.07930
Category
cs.CR: Cryptography & Security
Citations
0
Venue
International Conference WWW/Internet
Last Checked
4 months ago
Abstract
We have designed and deployed a system that uses X.509 public-key certificates (PKC) and attribute certificates (AC) for access control. This includes an authorization service for on-line environments where clients are identified by X.509 PKCs and their privileges are expressed with X.509 ACs. During a request to a protected resource, a privilege verifier decides if the user satisfies all the requirements to get access to the controlled resource. In this paper we focus on the steps to be performed by the privilege verifier, which is the entity in charge of validating both the PKCs and the ACs involved. The validation of PKCs and of ACs are two separate tasks but they are closely related. In our system we have identified two distinct entities: the privilege verifier whose task is to validate ACs, and the certificate validation server, whose task is to validate the PKCs. The validation of PKC is more complex, and it thus can be implemented and provided as a service by a dedicated authority, named Validation Authority. This paper describes the model, architecture and implementation of this system. It also includes some preliminary measurements and our future plans for the development of the system.
Community Contributions
Found the code? Know the venue? Think something is wrong? Let us know!
π Similar Papers
In the same crypt β Cryptography & Security
R.I.P.
π»
Ghosted
R.I.P.
π»
Ghosted
The Limitations of Deep Learning in Adversarial Settings
R.I.P.
π»
Ghosted
Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks
R.I.P.
π»
Ghosted
Spectre Attacks: Exploiting Speculative Execution
R.I.P.
π»
Ghosted
How To Backdoor Federated Learning
R.I.P.
π»
Ghosted
Evasion Attacks against Machine Learning at Test Time
Died the same way β π» Ghosted
R.I.P.
π»
Ghosted
Federated Learning: Strategies for Improving Communication Efficiency
R.I.P.
π»
Ghosted
In-Datacenter Performance Analysis of a Tensor Processing Unit
R.I.P.
π»
Ghosted
Deep Convolutional Neural Networks for Computer-Aided Detection: CNN Architectures, Dataset Characteristics and Transfer Learning
R.I.P.
π»
Ghosted