Um Modelo para o Gerenciamento Federado do SPKI/SDSI através do Serviço XKMS
Abstract
The XML Key Management Specification (XKMS) moves the complexity associated with Public Key Infrastructure (PKI) to a trusted Web Service. Although the specification shows that is possible to use PGP or SPKI/SDSI it is straight focused in X.509 PKI. This work does use of XKMS to propose a federated management model for SPKI/SDSI which permits that distributed applications can get the advantages of an authentication and authorization descentralized model.
References
Adams, C. e Boeyen, S. (2002). Uddi and wsdl extensions for web service: a security framework. In Proceedings of the 2002 ACM workshop on XML security, pages 80–89.
Bartel, M., Boyer, J., e Fox, B. (2002). XML-Signature Syntax and Processing. W3C. http://www.w3.org/TR/xmldsig-core.
Bilykh, I., Bychkov, Y., Dahlem, D., Jahnke, J. H., McCallum, G., Onabajo, C. O. A., e Kuziemsky, C. (2003). Can grid services provide answers to the challenges of national health information sharing? In Proceedings of the 2003 conference of the Centre for Advanced Studies on Collaborative research, pages 01–15.
Clarke, D. E. (2001). Spki/sdsi http server/certificate chain discovery in spki/sdsi. Master’s thesis, Massachusetts Institute of Technology - MIT.
Daniel J. Polivy, R. T. (2002). Authenticating distributed data using web services and xml signatures. In Proceedings of the 2002 ACM workshop on XML security, pages 80–89.
Ellison, C. M., Frantz, B., Lampson, B., Rivest, R., Thomas, B. M., e Ylonen, T. (1999). SPKI Certificate Theory. IETF RFC 2693.
Hallam-Baker, P. e Mysore, S. H. (2005). XML Key Management Specification (XKMS 2.0). W3C – Proposed Recommendation.
Imamura, T., Dillaway, B., e Simon, E. (2002). XML Encryption Syntax and Processing. W3C. http://www.w3.org/TR/xmlenc-core.
Kraft, R. (2002). Designing a distributed access control processor for network services on the web. ACM Transactions on Information and System Security (TISSEC), 7(1):36–52.
Morcos, A. (1998). A java implementation of simple distributed security infrastructure. Master’s thesis, Massachusetts Institute of Technology.
OASIS (2005). Assertions and Protocols for the OASIS Security Assertion Markup
Language (SAML) V2.0. Organization for the Advancement of Structured Information
Standards (OASIS). https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf.
Park, N., Moon, K., e Sohn, S. (2003). Xml security: Certificate validation service using xkms for computational grid. In Proceedings of the 2003 ACM workshop on XML security, pages 112–120.
Rivest, R. L. e Lampson, B. (1996). SDSI – A simple distributed security infrastructure. Presented at CRYPTO’96 Rumpsession.
Santin, A. (2004). Teias de Federações: uma Abordagem baseada em Cadeias de Confiança para Autenticação, Autorização e Navegação em Sistemas de Larga Escala. PhD thesis, Universidade Federal de Santa Catarina.
Bartel, M., Boyer, J., e Fox, B. (2002). XML-Signature Syntax and Processing. W3C. http://www.w3.org/TR/xmldsig-core.
Bilykh, I., Bychkov, Y., Dahlem, D., Jahnke, J. H., McCallum, G., Onabajo, C. O. A., e Kuziemsky, C. (2003). Can grid services provide answers to the challenges of national health information sharing? In Proceedings of the 2003 conference of the Centre for Advanced Studies on Collaborative research, pages 01–15.
Clarke, D. E. (2001). Spki/sdsi http server/certificate chain discovery in spki/sdsi. Master’s thesis, Massachusetts Institute of Technology - MIT.
Daniel J. Polivy, R. T. (2002). Authenticating distributed data using web services and xml signatures. In Proceedings of the 2002 ACM workshop on XML security, pages 80–89.
Ellison, C. M., Frantz, B., Lampson, B., Rivest, R., Thomas, B. M., e Ylonen, T. (1999). SPKI Certificate Theory. IETF RFC 2693.
Hallam-Baker, P. e Mysore, S. H. (2005). XML Key Management Specification (XKMS 2.0). W3C – Proposed Recommendation.
Imamura, T., Dillaway, B., e Simon, E. (2002). XML Encryption Syntax and Processing. W3C. http://www.w3.org/TR/xmlenc-core.
Kraft, R. (2002). Designing a distributed access control processor for network services on the web. ACM Transactions on Information and System Security (TISSEC), 7(1):36–52.
Morcos, A. (1998). A java implementation of simple distributed security infrastructure. Master’s thesis, Massachusetts Institute of Technology.
OASIS (2005). Assertions and Protocols for the OASIS Security Assertion Markup
Language (SAML) V2.0. Organization for the Advancement of Structured Information
Standards (OASIS). https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf.
Park, N., Moon, K., e Sohn, S. (2003). Xml security: Certificate validation service using xkms for computational grid. In Proceedings of the 2003 ACM workshop on XML security, pages 112–120.
Rivest, R. L. e Lampson, B. (1996). SDSI – A simple distributed security infrastructure. Presented at CRYPTO’96 Rumpsession.
Santin, A. (2004). Teias de Federações: uma Abordagem baseada em Cadeias de Confiança para Autenticação, Autorização e Navegação em Sistemas de Larga Escala. PhD thesis, Universidade Federal de Santa Catarina.
Published
2006-08-28
How to Cite
WANGHAM, Michelle S.; FRAGA, Joni da Silva; MELLO, Emerson Ribeiro de; MILANEZ, Josiane.
Um Modelo para o Gerenciamento Federado do SPKI/SDSI através do Serviço XKMS. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 6. , 2006, Santos.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2006
.
p. 44-57.
DOI: https://doi.org/10.5753/sbseg.2006.20938.
