The official PGP user's guide
PICS: Internet access controls without censorship
Communications of the ACM
Path independence for authentication in large-scale systems
Proceedings of the 4th ACM conference on Computer and communications security
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Reasoning about public-key certification: on bindings between entities and public keys
IEEE Journal on Selected Areas in Communications
On specifying security policies for web documents with an XML-based language
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Towards flexible credential verification in mobile ad-hoc networks
Proceedings of the second ACM international workshop on Principles of mobile computing
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
Relying Party Credentials Framework
Electronic Commerce Research
An approach to certificate path discovery in mobile Ad Hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Trust Negotiations: Concepts, Systems, and Languages
Computing in Science and Engineering
Implementation of an agent-oriented trust management infrastructure based on a hybrid PKI model
iTrust'03 Proceedings of the 1st international conference on Trust management
Provision of trusted identity management using trust credentials
iTrust'06 Proceedings of the 4th international conference on Trust Management
Privacy-Preserving trust negotiations
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Hi-index | 0.00 |
We present architecture for e-business applications that receive requests from a party over the Net, to allow the applications to make decisions relying on the credentials of the requesting party. Relying party applications will be provided with uniform interface to the credentials of the requesting party. This will allow use of simple, widely available credentials as well as more advanced credentials such as public key certificates, attribute certificates and 'Negative' credentials such as certificate revocation lists (CRL). The core of the architecture is a Credential Manager who will provide all credential management functions, including collection of credentials, providing uniform interface to credentials, and extracting semantics relevant to the relying party's applications.