Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Robustness Principles for Public Key Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Hi-index | 0.00 |
In the last years, SPKI, X.509 attribute certificates, or KeyNote has been proposed as mechanisms to create and specify authorization certificates, access control lists, or security policies in distributed environments. In this work we propose a new protocol able to negotiate and use some of these specifications. AMBAR is a multi-layered protocol based on a request/response model. In general, it provides functionality to transmit resource access requests, the authorization information related to those requests (credentials, ACLs), and results obtained from a certificate chain discovery method or compliance checker. It adds security by acting as a separate security layer inserted between the higher protocols and TCP (or another different transport protocol).