What can identity-based cryptography offer to web services?

Authors:
Jason Crampton;Hoon Wei Lim;Kenneth G. Paterson
Affiliations:
University of London, Egham, Surrey, United Kingdom;University of London, Egham, Surrey, United Kingdom;University of London, Egham, Surrey, United Kingdom
Venue:
Proceedings of the 2007 ACM workshop on Secure web services
Year:
2007

Citing 33
Cited 1

Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
Understanding DCE

Understanding DCE
The essential CORBA: systems integration using distributed objects

The essential CORBA: systems integration using distributed objects
Role-Based Access Control Models

Computer
Enterprise application integration

Enterprise application integration
How to share a secret

Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Understanding Web Services: XML, WSDL, SOAP, and UDDI

Understanding Web Services: XML, WSDL, SOAP, and UDDI
Web Services Security

Web Services Security
Semantic Web Services

IEEE Intelligent Systems
Toward Hierarchical Identity-Based Encryption

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Hierarchical ID-Based Cryptography

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Applications of Multiple Trust Authorities in Pairing Based Cryptosystems

InfraSec '02 Proceedings of the International Conference on Infrastructure Security
A One Round Protocol for Tripartite Diffie-Hellman

ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
The HP time vault service: exploiting IBE for timed release of confidential information

WWW '03 Proceedings of the 12th international conference on World Wide Web
Investigating the Limits of SOAP Performance for Scientific Computing

HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Certificate-based authorization policy in a PKI environment

ACM Transactions on Information and System Security (TISSEC)
Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption

Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the Encode-then-Encrypt-and-MAC paradigm

ACM Transactions on Information and System Security (TISSEC)
Service-Oriented Computing: Key Concepts and Principles

IEEE Internet Computing
Identity-Based Cryptography for Grid Security

E-SCIENCE '05 Proceedings of the First International Conference on e-Science and Grid Computing
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Secure attribute-based systems

Proceedings of the 13th ACM conference on Computer and communications security
Domain-based administration of identity-based cryptosystems for secure email and IPSEC

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
PKI Challenges: An Industry Analysis

Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Access control using pairing based cryptography

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Web Services: Concepts, Architectures and Applications

Web Services: Concepts, Architectures and Applications
Policy-based cryptography and applications

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Efficient identity-based encryption without random oracles

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Hierarchical identity based encryption with constant size ciphertext

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Anonymous hierarchical identity-based encryption (without random oracles)

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Cryptography in theory and practice: the case of encryption in IPsec

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography

CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Web services are seen as the enabler of service-oriented computing, a promising next generation distributed computing technology. Independently, identity-based cryptography is emerging as a serious contender to more conventional certificate-based public key cryptography. However, the application of identity-based cryptography in web services appears largely unexplored. This paper sets out to examine how identity-based cryptography might be used to secure web services. We show that identity-based cryptography has some attractive properties which naturally suit the message-level security needed by web services.