PAMINA: A Certificate Based Privilege Management System

14 years 7 days ago
PAMINA: A Certificate Based Privilege Management System
In this paper we present PAMINA (Privilege Administration and Management INfrAstructure), a privilege management system using authorization certificates. Our system supports distributed environments where autonomous authorities can manage and delegate privileges in accordance with their own policies. We introduce Improved Certification Verification Trees (I-CVTs) that guarantee very efficient and trustworthy certificate management. I-CVTs can provide undeniable proofs for the non-existence of a given certificate in contrast to CVTs as proposed in [1]. As a result, each authority can store its own I-CVT in a central, non-trusted, and replicable database. This database provides authenticated verifiers with basically only those certificates that are required to determine whether a user should be granted access to a resource or not. Since the system implements the pull model, clients need not to be involved in the access control decision process. PAMINA handles delegation trees instead of...
Zoltán Nochta, Peter Ebinger, Sebastian Abe
Added 15 Jul 2010
Updated 15 Jul 2010
Type Conference
Year 2002
Where NDSS
Authors Zoltán Nochta, Peter Ebinger, Sebastian Abeck
Comments (0)