Title :
Privacy-enhanced access control by SPKI and its application to Web server
Author :
Saito, Takamichi ; Umesawa, Kentaro ; Okuno, Hiroshi G.
Author_Institution :
Dept. of Inf. Sci., Sci. Univ. of Tokyo, Japan
Abstract :
For providing a privacy-enhanced access only for an appropriate user, anonymous access such as anonymous FTP is too weak because a service provider cannot know about a client, while authentication-based access control such as PKIX (Public Key Infrastructure with X.509) is too strong because ID information on a client is exposed to a service-provider. Instead, we present a new access control scheme by using SPKI (Simple Public Key Infrastructure), since an authorization certificate based on SPKI does not carry any ID information. This scheme needs additional mechanism for the server and clients such as issuing, delegating, validating, and revoking certificates. A web-based privacy-enhanced access control is designed on the basis of the proposed scheme and implemented by Java. The resulting system shows that the proposed scheme works well with a small amount of overheads being introduced into a normal web server
Keywords :
Java; access control; message authentication; public key cryptography; search engines; SPKI; Web server; X.509; authentication-based access control; authorization certificate; privacy-enhanced access control; public key infrastructure; Access control; Access protocols; Authorization; Blood; Internet; Java; Network servers; Privacy; Public key; Web server;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 2000. (WET ICE 2000). Proeedings. IEEE 9th International Workshops on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
0-7695-0798-0
DOI :
10.1109/ENABL.2000.883729
