Title

Fine-grained Control of Security Capabilities

Publication Type

Journal Article

Publication Date

2-2004

Abstract

We present a new approach for fine-grained control over users' security privileges (fast revocation of credentials) centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) offers a number of practical advantages over current revocation techniques. The benefits include simplified validation of digital signatures, efficient certificate revocation for legacy systems and fast revocation of signature and decryption capabilities. This paper discusses both the architecture and the implementation of our approach as well as its performance and compatibility with the existing infrastructure. Experimental results demonstrate its practical aspects.

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

ACM Transactions on Internet Technology

Volume

4

Issue

1

First Page

60

Last Page

82

ISSN

1533-5399

Identifier

10.1145/967030.967033

Publisher

ACM

Additional URL

http://dx.doi.org/10.1145/967030.967033