Credentials management for high-value transactions

Authors:
Glenn Benson;Shiu-Kai Chin;Sean Croston;Karthick Jayaraman;Susan Older
Affiliations:
JP Morgan Chase;EECS Department, Syracuse University, Syracuse, New York;JP Morgan Chase;EECS Department, Syracuse University, Syracuse, New York;EECS Department, Syracuse University, Syracuse, New York
Venue:
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Year:
2010

Citing 4
Cited 0

A calculus for access control in distributed systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
Online Certificate Status Checking in Financial Transactions: The Case for Re-issuance

FC '99 Proceedings of the Third International Conference on Financial Cryptography
Portable security transaction protocol

Computer Networks: The International Journal of Computer and Telecommunications Networking
Logic in Access Control (Tutorial Notes)

Foundations of Security Analysis and Design V

Quantified Score

Hi-index	0.00

Visualization

Abstract

Partner key management (PKM) is an interoperable credential management protocol for online commercial transactions of high value. PKM reinterprets traditional public key infrastructure (PKI) for use in high-value commercial transactions, which require additional controls on the use of credentials for authentication and authorization. The need for additional controls is met by the use of partner key practice statements (PKPS), which are machine-readable policy statements precisely specifying a bank's policy for accepting and processing payment requests. As assurance is crucial for high-value transactions, we use an access-control logic to: (1) describe the protocol, (2) assure the logical consistency of the operations, and (3) to make the trust assumptions explicit.