Certificate systems often provide a foundation for distributed system security. A certificate is a signed statement: only the holder of the issuer's private key could have produced its signature, and any later modification of the statement invalidates that signature, so the certificate is tamper-evident. Despite resting on sound theory, certificate system implementations are often exploited. Furthermore, certificate systems are often complex, to the extent that user-space programmers avoid certificates in favor of mechanisms that are easier to program but less secure. We describe the certificate system for Ethos, an experimental OS designed for security from the ground up. We reexamine and redesign the layering of certificate creation across kernel and user space, and discuss the beneficial security properties that result. The design makes certificates a pervasive authentication mechanism, keeps private keys protected from the applications that use them, and enforces policy-based restrictions on the statements a given application may sign. These protections are essential to protecting digital identity systems from attack.
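The three properties the abstract names (a certificate is a tamper-evident signed statement, the private key stays out of the application's reach, and policy limits which statements an application may have signed) can be illustrated with a small model of the split. The following Go program is an added example written for this page; it is not Ethos code and does not reproduce the Ethos kernel interface. The `Statement` fields, the `Signer` type standing in for the privileged (kernel-side) half, the policy keyed on (issuer, statement type), the use of Ed25519, and the JSON encoding of the signed bytes are all assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Statement is the content of a certificate: a claim an issuing application
// makes about a subject. Type names the class of statement the policy is
// keyed on. Field names are assumptions for this example, not Ethos's format.
type Statement struct {
	Issuer  string `json:"issuer"`
	Type    string `json:"type"`
	Subject string `json:"subject"`
	Claim   string `json:"claim"`
}

// Certificate is a statement together with a signature over its encoding.
type Certificate struct {
	Statement Statement `json:"statement"`
	Signature []byte    `json:"signature"`
}

// ErrPolicy is returned when the policy does not permit the requesting
// issuer to have a statement of the given type signed.
var ErrPolicy = errors.New("policy denies signing this statement type for this issuer")

// Signer models the privileged side of the split: it owns the private key,
// which callers cannot read, and a policy mapping each issuer to the
// statement types it may sign.
type Signer struct {
	priv   ed25519.PrivateKey
	pub    ed25519.PublicKey
	policy map[string]map[string]bool
}

// NewSigner generates a fresh Ed25519 key pair and installs the policy.
func NewSigner(policy map[string][]string) (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	s := &Signer{priv: priv, pub: pub, policy: make(map[string]map[string]bool)}
	for issuer, types := range policy {
		s.policy[issuer] = make(map[string]bool, len(types))
		for _, t := range types {
			s.policy[issuer][t] = true
		}
	}
	return s, nil
}

// PublicKey is the only key material exposed to callers.
func (s *Signer) PublicKey() ed25519.PublicKey { return s.pub }

// encode is the byte encoding that is signed and verified. Go marshals struct
// fields in declaration order, so it is deterministic for a fixed Statement.
func encode(st Statement) ([]byte, error) { return json.Marshal(st) }

// Sign is the single operation an unprivileged caller may request. It refuses
// before touching the key when the policy does not allow the (issuer, type)
// pair, so a compromised application cannot obtain signatures outside its remit.
func (s *Signer) Sign(st Statement) (*Certificate, error) {
	if !s.policy[st.Issuer][st.Type] {
		return nil, ErrPolicy
	}
	msg, err := encode(st)
	if err != nil {
		return nil, err
	}
	return &Certificate{Statement: st, Signature: ed25519.Sign(s.priv, msg)}, nil
}

// Verify re-encodes the statement and checks the signature, so any change to
// the statement after signing is detected.
func Verify(pub ed25519.PublicKey, c *Certificate) bool {
	if c == nil {
		return false
	}
	msg, err := encode(c.Statement)
	if err != nil {
		return false
	}
	return ed25519.Verify(pub, msg, c.Signature)
}

func main() {
	// Constructed policy: the "mail" application may only sign session-key statements.
	s, err := NewSigner(map[string][]string{"mail": {"session-key"}})
	if err != nil {
		panic(err)
	}
	cert, err := s.Sign(Statement{Issuer: "mail", Type: "session-key", Subject: "alice", Claim: "key-id-42"})
	fmt.Println("signed:", err == nil, "verifies:", Verify(s.PublicKey(), cert))

	tampered := *cert
	tampered.Statement.Subject = "mallory"
	fmt.Println("tampered verifies:", Verify(s.PublicKey(), &tampered))

	_, err = s.Sign(Statement{Issuer: "mail", Type: "identity", Subject: "alice"})
	fmt.Println("out-of-policy statement refused:", errors.Is(err, ErrPolicy))
}
```

The point of the structure is that an application never holds `priv`; it submits a `Statement` and gets back either a `Certificate` or `ErrPolicy`, and the policy check runs before any signing, which is the property that bounds the damage a compromised application can do. A real system would also need a canonical encoding that is stable across implementations and a way to distribute and revoke the public key; both are outside this illustration.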