• Title/Summary/Keyword: Attribute Certificates

Search Result 17, Processing Time 0.017 seconds

An Efficient Attribute Certificate Management Technique for Highly Distributed Environment (고도로 분산된 컴퓨팅 환경을 위한 효율적 속성 인증서 관리 기법)

  • Yang, Soo-Mi
    • Convergence Security Journal
    • /
    • v.5 no.1
    • /
    • pp.85-92
    • /
    • 2005
  • For an efficient role based access control in highly distributed computing environment to reduce management cost, we utilize attribute certificates. Especially highly distributed computing environments such as ubiquitous computing environments which cannot have global or broad control, need another attribute certificate management technique. The techniques for transmission of the attribute certificates and management of the group keys should be considered to reduce management cost. For better performance we structure attribute certificates. We group roles and make the role group relation tree. It results secure and efficient role renewing and distribution. For scalable attribute certificate distribution, multicasting packets are used. We take into account the packet loss and quantifying performance enhancements of structuring attribute certificates.

  • PDF

A Binding Mechanisms Using One-Time Attribute Certificates (일회성 속성인증서의 바인딩 메커니즘)

  • 박종화;이상하;김동규
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.2C
    • /
    • pp.342-347
    • /
    • 2004
  • An ID certificate is digitally signed by a certificate authority for authentication and an attribute certificate is digitally signed by an attribute certificate authority for authorization. In many applications in web, there should be a mechanism to bind attributes to proper identities. The dependencies between them should be maintained. So we analyzed some known binding methods, selective revocation methods and cryptographic binding methods. And we proposed a binding mechanism using one-time attribute certificates in order to solve their problems.

Privilege Management Technique for Unreliable Network Environments based on Tree Structure (신뢰도가 낮은 네트워크 환경을 위한 트리 구조 기반의 권한 관리 기법)

  • Yang, Soo-Mi
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.83-91
    • /
    • 2008
  • IISO/IEC 9594-8 defines the public key framework and attribute certificate framework. Attribute certificate framework deals with privilege management infrastructure(PMI). In PMI, for privilege management using attribute certificates, role assignment certificates and role specification certificates are used to assign and specify privileges independently. Role specification certificates includes privilege specifications and the details far privilege management of network environments. Privilege management of unreliable network environment tries to enhance the reliability and efficiency of privilege information transmission forwarding over unreliable routes in the presence of potentially faulty nodes and edges. Each node forms a role specification tree based on role specification relationship data collected from the network. In this paper privilege management cost with the role specification certificates tree structure is evaluated trying to reduce the overhead incurred by role creation and modification of privileges. The multicasting of packets are used for scalability. We establish management cost model taking into account the packet loss and node reliability which continuously join and leave for network. We present quantitative results which demonstrate the effectiveness of the proposed privilege management scheme.

Access Control using Attribute Certificates in Distributed System (분산시스템에서의 속성인증서를 이용한 접근통제방안)

  • Kim, Ji-Hong;Park, Chong-Hwa;Hwang, Tae-Hyun
    • The Journal of Information Technology
    • /
    • v.6 no.1
    • /
    • pp.107-115
    • /
    • 2003
  • With the development of Information Communication Technique, electronic commerce is widely used in internet using public key certificates. And the study for access control in database system is also progressed actively. In this paper, we analyze access control mechanism using attribute certificated and we propose new access mechanism in distributed system using attribute certificates.

  • PDF

A Certificate Verification Method based on the Attribute Certificates (AC기반의 인증서 검증 모델)

  • Park ChongHwa;Kim JiHong;Lee ChulSoo;Kim Dongkyoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.6
    • /
    • pp.15-24
    • /
    • 2004
  • Electronic commerce is widely used with the development of information communication technologies in internet using public key certificates. And the study for access control in Web application and DB system is also progressed actively. There are many verification method for PKC(Public Key Certificates), which are CRL, OCSP, SCVP and others. But their certificates verification methods for PKC cannot to be applied to PMI(Privilege Management Infrastructure) which is using AC(Attribute certificates) because of synchronization of PKC and AC. It is because AC has no public key, AC Verifier must get the PKC and verify the validity on PKC and AC. So in this paper we proposed the new AC-based certificate verification model. which provide the synchronization in two certificates(AC and PKC).

A Method Enforcing Dependencies between ID Certificates and Attribute Certificates in Inter-domain (속성인증서와 신분인증서 사이의 바인딩 메카니즘에 관한 연구)

  • Park Chong-Hwa
    • The Journal of Information Technology
    • /
    • v.5 no.4
    • /
    • pp.81-88
    • /
    • 2002
  • An ID certificate is digitally signed by a certificate authority for authentication and a attribute certificate is digitally signed by an attribute certificate authority for authorization. In many applications in web, there should be a mechanism to bind attributes to proper identities. So we analyzed some known binding methods, selective revocation methods and cryptographic binding methods and we proposed the new mechanism in order to solve their problems.

  • PDF

An Efficient Role Based Access Control Technique by Structuring of Role Specification Certificate (역할 명세 인증서의 구조화에 의한 효율적 역할기반 접근제어 기법)

  • Yang, Soo-Mi
    • Journal of Internet Computing and Services
    • /
    • v.6 no.5
    • /
    • pp.1-9
    • /
    • 2005
  • In a role based access control through attribute certificate, the use of role assignment certificates and role specification certificates can reduce management cost and the overhead incurred by changing roles, Highly distributed computing environments such as ubiquitous computing environments not having global or broad control. need another attribute certificate management technique, Actually just having role specification certificate separately reduce management cost, But for better performance we structure role specification, We group roles and make the role group relation tree, It results secure and efficient role renewing and distribution, For scalable role specification certificate distribution, the multicasting of packets is used, We take into account the packet lass and quantify performance enhancements of structuring role specification certificates.

  • PDF

Certificates Binding Method Using OCSP Server (OCSP 서버를 이용한 인증서 결합방안)

  • Kim JiHong;Chi JunWoong
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.41 no.1
    • /
    • pp.45-52
    • /
    • 2004
  • With the development of Information Communication Technique, electronic commerce is widely used in Internet using public key certificates. And the study on access control for web server or database server is also progressed actively. In this paper, we analyze the proposed access control method for server and the binding method between public key certificates and attribute certificates using OCSP server.

RBAC Method using Certificates (인증서를 이용한 역할기반 접근제어방안)

  • Park, Chong-Hwa;Kim, Ji-Hong
    • The Journal of Information Technology
    • /
    • v.6 no.1
    • /
    • pp.11-20
    • /
    • 2003
  • With the development of Information Communication Technique, electronic commerce using PKIs is widely used over the Internet. The goal of access control is to counter the threat of unauthorized operations involving Web-server or data base systems. The RBAC(Role-Based Access Control) has recently received considerable attention as a promising alternative to traditional discretionary and mandatory access controls. In this paper we propose two methods, the RBAC system using attribute certificates and the RBAC system using SPKI certificates. And we analyze and compare the two methods.

  • PDF

Attribute Certificate Profile Research (속성인증서 프로화일 연구)

  • 윤이중;류재철
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.5
    • /
    • pp.75-84
    • /
    • 2001
  • Existent public key certificates provide authentication information through some information on user\`s public key. However, an attribute certificate which stores and manage user\`s attribute information, provides various privilege information such as position, privilege and role. In recent, international organizations establishes standards on attribute certificate, and the researches and developments on attribute certificate have been widely made. In addition it may be expected to be used many real application area requiring for authorization information as well as authentication information. Therefore, this paper considers background and standardization trends of attribute certificate and describes the profile and related techniques of attribute certificate currently established by IETF. In addition, it introduces and access control system using attribute certificate and specifies applications of attribute certificate.