Formal support for certificate management policies

11 years 9 months ago
Formal support for certificate management policies
Traditionally, creation and revocation of certificates are governed by policies that are carried manually, off-line, by trusted agents. This approach to certificate management is appropriate for many current applications, where these policies cannot be verified automatically (e.g. require verification of of non-digital credentials). But it is expensive, time consuming and error-prone for the growing class of applications where certificate management policies can be formalized and carried-out automatically. We argue that, in these cases, creation and revocation of certificates could be viewed as any other online service available in a system. Access to these particular service instances could be regulated much in the same manner as file access or resource allocation. This paper proposes a formulation for certification and revocation policies, and a framework for their support. In this framework, certificate management policies are enforced by generic policy engines, wrapped around cert...
Victoria Ungureanu
Added 17 Dec 2010
Updated 17 Dec 2010
Type Journal
Year 2004
Authors Victoria Ungureanu
Comments (0)