SEKE '02 Proceedings of the 14th international conference on Software engineering and knowledge engineering
Policy formalization to combine separate systems into larger connected network of trust
net-Con '02 Proceedings of the IFIP TC6 / WG6.2 & WG6.7 Conference on Network Control and Engineering for QoS, Security and Mobility
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Security Level Evaluation: Policy and Fuzzy Techniques
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
A formalisation and evaluation of certificate policies
Computer Communications
OCSP for Grids: Comparing Prevalidation versus Caching
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Computational techniques for increasing PKI policy comprehension by human analysts
Proceedings of the 9th Symposium on Identity and Trust on the Internet
Interoperable grid PKIs among untrusted domains: an architectural proposal
GPC'07 Proceedings of the 2nd international conference on Advances in grid and pervasive computing
A computational framework for certificate policy operations
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Using hierarchal change mining to manage network security policy evolution
Hot-ICE'11 Proceedings of the 11th USENIX conference on Hot topics in management of internet, cloud, and enterprise networks and services
An interdomain PKI model based on trust lists
EuroPKI'07 Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice
Hi-index | 0.00 |
Cross Certification among CAs is a very huge problem which is actually manually performed by security experts and organizational people, trying to understand if two CAs could cooperate. The evaluation process is based on the evaluation of the Certificate policies which are usually expressed in a not formalized (and native language) way. In this paper we propose a methodology to automatically evaluate and compare security policies for Cross Certification. The methodology consists in the formalization of a policy template and in the building of a reference evaluation model. The proposed approach can be applied on several models of Cross Certification.