Jikzi - a new framework for security policy, trusted publishing and electronic commerce

  • Authors:

  • R. Anderson;J. -H. Lee

  • Affiliations:

  • Computer Laboratory, University of Cambridge, Pembroke Street, Cambridge CB2 3QG, UK;Filonet Korea Inc., CBS Building, 917-1 Mok-dong, Yangchun-gu, Seoul 158-701, South Korea

  • Venue:
  • Computer Communications
  • Year:
  • 2000

Quantified Score

Hi-index 0.24

Visualization

Abstract

In this paper, we will describe a thread of research, which we have followed off and on at Cambridge for about three years. Our topic is the security of electronic documents, in the broad sense: how can we be sure of the authenticity of things that are published electronically? This started off as a relatively small project, which we thought would take only a few weeks. The goal was to help our medical informatics department publish information such as drug formularies and treatment protocols on the hospital LAN or PC diskettes, in an appropriately dependable way. It rapidly became clear that the problem was much larger and more complex; a general solution would not only cope with 'content' - text, audio, video, software, whatever - but also with objects such as public key certificates. If done properly, it would give us a systematic way to deal with security policy on the web. Our goal now is to let people build integrated publishing and e-commerce services using simple, uniform and appropriate mechanisms. Our proposed solution is a single transparent markup language that allows us to support multiple security policies, plus supporting material ranging from a test implementation to an authentication logic.