An innovative policy-based cross certification methodology for public key infrastructures

Authors:
Valentina Casola;Antonino Mazzeo;Nicola Mazzocca;Massimiliano Rak
Affiliations:
Seconda Universita' di Napoli Dipartimento di Ingegneria dell'Informazione, Aversa (CE), Italy;Universita' degli Studi di Napoli, Federico II Dipartimento di Informatica e Sistemistica Naples, Italy;Universita' degli Studi di Napoli, Federico II Dipartimento di Informatica e Sistemistica Naples, Italy;Seconda Universita' di Napoli Dipartimento di Ingegneria dell'Informazione, Aversa (CE), Italy
Venue:
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Year:
2005

Citing 7
Cited 6

The importance of dealing with uncertainty in the evaluation of software engineering methods and tools

SEKE '02 Proceedings of the 14th international conference on Software engineering and knowledge engineering
Policy formalization to combine separate systems into larger connected network of trust

net-Con '02 Proceedings of the IFIP TC6 / WG6.2 & WG6.7 Conference on Network Control and Engineering for QoS, Security and Mobility
A Policy Language for a Pervasive Computing Environment

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A new approach to the X.509 framework: allowing a global authentication infrastructure without a global trust model

SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
A Logical Language for Expressing Authorizations

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Security Level Evaluation: Policy and Fuzzy Techniques

ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
A formalisation and evaluation of certificate policies

Computer Communications

OCSP for Grids: Comparing Prevalidation versus Caching

GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Computational techniques for increasing PKI policy comprehension by human analysts

Proceedings of the 9th Symposium on Identity and Trust on the Internet
Interoperable grid PKIs among untrusted domains: an architectural proposal

GPC'07 Proceedings of the 2nd international conference on Advances in grid and pervasive computing
A computational framework for certificate policy operations

EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Using hierarchal change mining to manage network security policy evolution

Hot-ICE'11 Proceedings of the 11th USENIX conference on Hot topics in management of internet, cloud, and enterprise networks and services
An interdomain PKI model based on trust lists

EuroPKI'07 Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice

Quantified Score

Hi-index	0.00

Visualization

Abstract

Cross Certification among CAs is a very huge problem which is actually manually performed by security experts and organizational people, trying to understand if two CAs could cooperate. The evaluation process is based on the evaluation of the Certificate policies which are usually expressed in a not formalized (and native language) way. In this paper we propose a methodology to automatically evaluate and compare security policies for Cross Certification. The methodology consists in the formalization of a policy template and in the building of a reference evaluation model. The proposed approach can be applied on several models of Cross Certification.