Reducing risks from poorly chosen keys
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Introduction to algorithms
Experiences with the Amoeba distributed operating system
Communications of the ACM
Webmaster in a nutshell: a desktop quick reference
Webmaster in a nutshell: a desktop quick reference
Journal of the ACM (JACM)
SSL and TLS: designing and building secure systems
SSL and TLS: designing and building secure systems
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
Proxy-based security protocols in networked mobile devices
Proceedings of the 2002 ACM symposium on Applied computing
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Programming Perl
SSH, The Secure Shell: The Definitive Guide
SSH, The Secure Shell: The Definitive Guide
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
LDAP System Administration
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Hi-index | 0.24 |
We present PubKey-Wiki, a public key-based wiki group collaboration system. PubKey-Wiki allows users to authenticate themselves using public-key cryptography and gain authorizations using digital certificates. By using public key-based user authentication, users' passwords are not sent across the network and are not stored on the web server's host machine. Using digital certificates to authorize users to access protected files facilitates delegation of authority and simpler access control list (ACL) management, and allows the ability of a user to pass authorizations onto other users without needing to connect to the wiki's server. The paper introduces a new approach to revocation in which revocation of certificates and revocation of public keys are handled separately and take effect immediately. The paper also introduces an algorithm, CertClosure, that computes the transitive closure of a set of certificates that contain authorization information. When a user adds or removes a certificate from his certificate directory in PubKey-Wiki, PubKey-Wiki uses the CertClosure algorithm to derive authorization rules. PubKey-Wiki stores these authorization rules in a lookup table where they can be easily referenced. When a user tries to access a protected file, PubKey-Wiki looks up and uses the relevant authorization rules to efficiently make an access control decision.