Authentication metric analysis and design
ACM Transactions on Information and System Security (TISSEC)
A policy-based methodology for security evaluation: A Security Metric for Public Key Infrastructures
Journal of Computer Security
A computational framework for certificate policy operations
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Incentivizing responsible networking via introduction-based routing
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
A security auditing approach based on mobile agent in grid environments
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V
An innovative policy-based cross certification methodology for public key infrastructures
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
A formalisation and evaluation of certificate policies
Computer Communications
Global authentication in an untrustworthy world
HotOS'13 Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems
Toward a cyber-physical topology language: applications to NERC CIP audit
Proceedings of the first ACM workshop on Smart energy grid security
| Hi-index | 0.00 |
Isolated network are currently being integrated in order to create a universal and virtual inter-network. In this context, the existence of a common authentication infrastructure is extremely important. CCITT Recommendation X.509 defines a public key-based "Authentication Framework" in which the Directory Service can be used to provide key management facilities for open applications. We propose a new approach to X.509 comprising a modular reorganization of the overall system and mechanisms allowing the realization of a global infrastructure for the deployment of authentication-based secure services. These mechanisms aim to complete the X.509 framework so as to rectify some open issues of the approach in order to allow the support of a multitude of trust models while respecting each security domain's certificates validation criteria. We first discuss aspects related to authentication data retrieval and validation with respect to X.509. Then we give an overview of the overall approach, and emphasize its more relevant aspects and mechanisms while describing the applicability of our approach with respect to security architectures and current trust models. Finally, we conclude the paper describing the applicability of our approach in a open and heterogeneous environment.