Binding identities and attributes using digitally signed certificates

Joon S. Park, Ravi Sandhu

Research output: Chapter in Book/Entry/PoemChapter

40 Scopus citations

Abstract

A certificate is digitally signed by a certificate authority (CA) to confirm that the information in the certificate is valid and belongs to the subject. Certificate users can verify the integrity and validity of a certificate by checking the issuing CA's digital signature in the certificate and, if necessary, chasing certificate chain and revocation lists. Usually, we use certificates to provide the integrity of identity or attribute information of the subject. Attributes must be coupled with the corresponding identities. We introduce comprehensive approaches to bind identity and attribute certificates, identifying three different techniques: monolithic, autonomic, and chained signatures. We describe each technique and analyze the relative advantages and disadvantages of each.

Original languageEnglish (US)
Title of host publicationProceedings - Annual Computer Security Applications Conference, ACSAC
Pages120-127
Number of pages8
ISBN (Electronic)0769508596
DOIs
StatePublished - 2000
Externally publishedYes

Keywords

  • Authentication
  • Content addressable storage
  • Digital signatures
  • ISO
  • Information analysis
  • Information security
  • Public key
  • Public key cryptography
  • Scalability
  • Standards organizations

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Binding identities and attributes using digitally signed certificates'. Together they form a unique fingerprint.

Cite this