TeiVM2, Istex, Corpus, bibRecord, 000428

A Computational Framework for Certificate Policy Operations

Identifieur interne : 000428 ( Istex/Corpus ); précédent : 000427; suivant : 000429

A Computational Framework for Certificate Policy Operations

Auteurs : A. Weaver ; Scott Rea ; W. Smith

Source :

Lecture Notes in Computer Science [ 0302-9743 ] ; 2010.

RBID : ISTEX:8F2D3722365339EDF1BD6DAE7046314810E0FDB7

Abstract

Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.

Url:

https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/pdf

DOI: 10.1007/978-3-642-16441-5_2

Links to Exploration step

ISTEX:8F2D3722365339EDF1BD6DAE7046314810E0FDB7

Le document en format XML

<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">A Computational Framework for Certificate Policy Operations</title>
<author><name sortKey="Weaver, A" sort="Weaver, A" uniqKey="Weaver A" first="A." last="Weaver">A. Weaver</name>
<affiliation><mods:affiliation>Dartmouth College, NH 03755, Hanover, USA</mods:affiliation>
</affiliation>
</author>
<author><name sortKey="Rea, Scott" sort="Rea, Scott" uniqKey="Rea S" first="Scott" last="Rea">Scott Rea</name>
<affiliation><mods:affiliation>Dartmouth College, NH 03755, Hanover, USA</mods:affiliation>
</affiliation>
</author>
<author><name sortKey="Smith, W" sort="Smith, W" uniqKey="Smith W" first="W." last="Smith">W. Smith</name>
<affiliation><mods:affiliation>Dartmouth College, NH 03755, Hanover, USA</mods:affiliation>
</affiliation>
</author>
</titleStmt>
<publicationStmt><idno type="wicri:source">ISTEX</idno>
<idno type="RBID">ISTEX:8F2D3722365339EDF1BD6DAE7046314810E0FDB7</idno>
<date when="2010" year="2010">2010</date>
<idno type="doi">10.1007/978-3-642-16441-5_2</idno>
<idno type="url">https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/pdf</idno>
<idno type="wicri:Area/Istex/Corpus">000428</idno>
</publicationStmt>
<sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">A Computational Framework for Certificate Policy Operations</title>
<author><name sortKey="Weaver, A" sort="Weaver, A" uniqKey="Weaver A" first="A." last="Weaver">A. Weaver</name>
<affiliation><mods:affiliation>Dartmouth College, NH 03755, Hanover, USA</mods:affiliation>
</affiliation>
</author>
<author><name sortKey="Rea, Scott" sort="Rea, Scott" uniqKey="Rea S" first="Scott" last="Rea">Scott Rea</name>
<affiliation><mods:affiliation>Dartmouth College, NH 03755, Hanover, USA</mods:affiliation>
</affiliation>
</author>
<author><name sortKey="Smith, W" sort="Smith, W" uniqKey="Smith W" first="W." last="Smith">W. Smith</name>
<affiliation><mods:affiliation>Dartmouth College, NH 03755, Hanover, USA</mods:affiliation>
</affiliation>
</author>
</analytic>
<monogr></monogr>
<series><title level="s">Lecture Notes in Computer Science</title>
<imprint><date>2010</date>
</imprint>
<idno type="ISSN">0302-9743</idno>
<idno type="eISSN">1611-3349</idno>
<idno type="ISSN">0302-9743</idno>
</series>
<idno type="istex">8F2D3722365339EDF1BD6DAE7046314810E0FDB7</idno>
<idno type="DOI">10.1007/978-3-642-16441-5_2</idno>
<idno type="ChapterID">2</idno>
<idno type="ChapterID">Chap2</idno>
</biblStruct>
</sourceDesc>
<seriesStmt><idno type="ISSN">0302-9743</idno>
</seriesStmt>
</fileDesc>
<profileDesc><textClass></textClass>
<langUsage><language ident="en">en</language>
</langUsage>
</profileDesc>
</teiHeader>
<front><div type="abstract" xml:lang="en">Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.</div>
</front>
</TEI>
<istex><corpusName>springer</corpusName>
<author><json:item><name>Gabriel A. Weaver</name>
<affiliations><json:string>Dartmouth College, NH 03755, Hanover, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Scott Rea</name>
<affiliations><json:string>Dartmouth College, NH 03755, Hanover, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Sean W. Smith</name>
<affiliations><json:string>Dartmouth College, NH 03755, Hanover, USA</json:string>
</affiliations>
</json:item>
</author>
<language><json:string>eng</json:string>
</language>
<originalGenre><json:string>OriginalPaper</json:string>
</originalGenre>
<abstract>Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.</abstract>
<qualityIndicators><score>8.432</score>
<pdfVersion>1.6</pdfVersion>
<pdfPageSize>429.725 x 659.895 pts</pdfPageSize>
<refBibsNative>false</refBibsNative>
<keywordCount>0</keywordCount>
<abstractCharCount>1137</abstractCharCount>
<pdfWordCount>7049</pdfWordCount>
<pdfCharCount>44633</pdfCharCount>
<pdfPageCount>17</pdfPageCount>
<abstractWordCount>161</abstractWordCount>
</qualityIndicators>
<title>A Computational Framework for Certificate Policy Operations</title>
<chapterId><json:string>2</json:string>
<json:string>Chap2</json:string>
</chapterId>
<genre><json:string>conference</json:string>
</genre>
<serie><editor><json:item><name>David Hutchison</name>
<affiliations><json:string>Lancaster University, Lancaster, UK</json:string>
</affiliations>
</json:item>
<json:item><name>Takeo Kanade</name>
<affiliations><json:string>Carnegie Mellon University, Pittsburgh, PA, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Josef Kittler</name>
<affiliations><json:string>University of Surrey, Guildford, UK</json:string>
</affiliations>
</json:item>
<json:item><name>Jon M. Kleinberg</name>
<affiliations><json:string>Cornell University, Ithaca, NY, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Friedemann Mattern</name>
<affiliations><json:string>ETH Zurich, Zurich, Switzerland</json:string>
</affiliations>
</json:item>
<json:item><name>John C. Mitchell</name>
<affiliations><json:string>Stanford University, Stanford, CA, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Moni Naor</name>
<affiliations><json:string>Weizmann Institute of Science, Rehovot, Israel</json:string>
</affiliations>
</json:item>
<json:item><name>Oscar Nierstrasz</name>
<affiliations><json:string>University of Bern, Bern, Switzerland</json:string>
</affiliations>
</json:item>
<json:item><name>C. Pandu Rangan</name>
<affiliations><json:string>Indian Institute of Technology, Madras, India</json:string>
</affiliations>
</json:item>
<json:item><name>Bernhard Steffen</name>
<affiliations><json:string>University of Dortmund, Dortmund, Germany</json:string>
</affiliations>
</json:item>
<json:item><name>Madhu Sudan</name>
<affiliations><json:string>Massachusetts Institute of Technology, MA, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Demetri Terzopoulos</name>
<affiliations><json:string>University of California, Los Angeles, CA, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Doug Tygar</name>
<affiliations><json:string>University of California, Berkeley, CA, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Moshe Y. Vardi</name>
<affiliations><json:string>Rice University, Houston, TX, USA</json:string>
</affiliations>
</json:item>
<json:item><name>Gerhard Weikum</name>
<affiliations><json:string>Max-Planck Institute of Computer Science, Saarbrücken, Germany</json:string>
</affiliations>
</json:item>
</editor>
<issn><json:string>0302-9743</json:string>
</issn>
<language><json:string>unknown</json:string>
</language>
<eissn><json:string>1611-3349</json:string>
</eissn>
<title>Lecture Notes in Computer Science</title>
<copyrightDate>2010</copyrightDate>
</serie>
<host><editor><json:item><name>Fabio Martinelli</name>
<affiliations><json:string>National Research Council (C.N.R.), Istituto di Informatica e Telematica (IIT), Pisa Research Area, Via. G. Moruzzi 1, 56125, Pisa, Italy</json:string>
<json:string>E-mail: Fabio.Martinelli@iit.cnr.it</json:string>
</affiliations>
</json:item>
<json:item><name>Bart Preneel</name>
<affiliations><json:string>Dept. Electrical Engineering-ESAT/COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, Bus 2446, 3001, Leuven, Belgium</json:string>
<json:string>E-mail: bart.preneel@esat.kuleuven.be</json:string>
</affiliations>
</json:item>
</editor>
<subject><json:item><value>Computer Science</value>
</json:item>
<json:item><value>Computer Science</value>
</json:item>
<json:item><value>Computer Communication Networks</value>
</json:item>
<json:item><value>Data Encryption</value>
</json:item>
<json:item><value>Management of Computing and Information Systems</value>
</json:item>
<json:item><value>Algorithm Analysis and Problem Complexity</value>
</json:item>
<json:item><value>Computers and Society</value>
</json:item>
<json:item><value>Systems and Data Security</value>
</json:item>
</subject>
<isbn><json:string>978-3-642-16440-8</json:string>
</isbn>
<language><json:string>unknown</json:string>
</language>
<eissn><json:string>1611-3349</json:string>
</eissn>
<title>Public Key Infrastructures, Services and Applications</title>
<bookId><json:string>978-3-642-16441-5</json:string>
</bookId>
<volume>6391</volume>
<pages><last>33</last>
<first>17</first>
</pages>
<issn><json:string>0302-9743</json:string>
</issn>
<genre><json:string>book-series</json:string>
</genre>
<eisbn><json:string>978-3-642-16441-5</json:string>
</eisbn>
<copyrightDate>2010</copyrightDate>
<doi><json:string>10.1007/978-3-642-16441-5</json:string>
</doi>
</host>
<publicationDate>2010</publicationDate>
<copyrightDate>2010</copyrightDate>
<doi><json:string>10.1007/978-3-642-16441-5_2</json:string>
</doi>
<id>8F2D3722365339EDF1BD6DAE7046314810E0FDB7</id>
<score>0.13106164</score>
<fulltext><json:item><original>true</original>
<mimetype>application/pdf</mimetype>
<extension>pdf</extension>
<uri>https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/pdf</uri>
</json:item>
<json:item><original>false</original>
<mimetype>application/zip</mimetype>
<extension>zip</extension>
<uri>https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/zip</uri>
</json:item>
<istex:fulltextTEI uri="https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/tei"><teiHeader><fileDesc><titleStmt><title level="a" type="main" xml:lang="en">A Computational Framework for Certificate Policy Operations</title>
<respStmt xml:id="ISTEX-API" resp="Références bibliographiques récupérées via GROBID" name="ISTEX-API (INIST-CNRS)"></respStmt>
<respStmt><resp>Références bibliographiques récupérées via GROBID</resp>
<name resp="ISTEX-API">ISTEX-API (INIST-CNRS)</name>
</respStmt>
</titleStmt>
<publicationStmt><authority>ISTEX</authority>
<publisher>Springer Berlin Heidelberg</publisher>
<pubPlace>Berlin, Heidelberg</pubPlace>
<availability><p>SPRINGER</p>
</availability>
<date>2010</date>
</publicationStmt>
<sourceDesc><biblStruct type="inbook"><analytic><title level="a" type="main" xml:lang="en">A Computational Framework for Certificate Policy Operations</title>
<author><persName><forename type="first">Gabriel</forename>
<surname>Weaver</surname>
</persName>
<affiliation>Dartmouth College, NH 03755, Hanover, USA</affiliation>
</author>
<author><persName><forename type="first">Scott</forename>
<surname>Rea</surname>
</persName>
<affiliation>Dartmouth College, NH 03755, Hanover, USA</affiliation>
</author>
<author><persName><forename type="first">Sean</forename>
<surname>Smith</surname>
</persName>
<affiliation>Dartmouth College, NH 03755, Hanover, USA</affiliation>
</author>
</analytic>
<monogr><title level="m">Public Key Infrastructures, Services and Applications</title>
<title level="m" type="sub">6th European Workshop, EuroPKI 2009, Pisa, Italy, September 10-11, 2009, Revised Selected Papers</title>
<idno type="pISBN">978-3-642-16440-8</idno>
<idno type="eISBN">978-3-642-16441-5</idno>
<idno type="pISSN">0302-9743</idno>
<idno type="eISSN">1611-3349</idno>
<idno type="DOI">10.1007/978-3-642-16441-5</idno>
<idno type="BookID">978-3-642-16441-5</idno>
<idno type="BookTitleID">214273</idno>
<idno type="BookSequenceNumber">6391</idno>
<idno type="BookVolumeNumber">6391</idno>
<idno type="BookChapterCount">19</idno>
<editor><persName><forename type="first">Fabio</forename>
<surname>Martinelli</surname>
</persName>
<email>Fabio.Martinelli@iit.cnr.it</email>
<affiliation>National Research Council (C.N.R.), Istituto di Informatica e Telematica (IIT), Pisa Research Area, Via. G. Moruzzi 1, 56125, Pisa, Italy</affiliation>
</editor>
<editor><persName><forename type="first">Bart</forename>
<surname>Preneel</surname>
</persName>
<email>bart.preneel@esat.kuleuven.be</email>
<affiliation>Dept. Electrical Engineering-ESAT/COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, Bus 2446, 3001, Leuven, Belgium</affiliation>
</editor>
<imprint><publisher>Springer Berlin Heidelberg</publisher>
<pubPlace>Berlin, Heidelberg</pubPlace>
<date type="published" when="2010"></date>
<biblScope unit="volume">6391</biblScope>
<biblScope unit="page" from="17">17</biblScope>
<biblScope unit="page" to="33">33</biblScope>
</imprint>
</monogr>
<series><title level="s">Lecture Notes in Computer Science</title>
<editor><persName><forename type="first">David</forename>
<surname>Hutchison</surname>
</persName>
<affiliation>Lancaster University, Lancaster, UK</affiliation>
</editor>
<editor><persName><forename type="first">Takeo</forename>
<surname>Kanade</surname>
</persName>
<affiliation>Carnegie Mellon University, Pittsburgh, PA, USA</affiliation>
</editor>
<editor><persName><forename type="first">Josef</forename>
<surname>Kittler</surname>
</persName>
<affiliation>University of Surrey, Guildford, UK</affiliation>
</editor>
<editor><persName><forename type="first">Jon</forename>
<forename type="first">M.</forename>
<surname>Kleinberg</surname>
</persName>
<affiliation>Cornell University, Ithaca, NY, USA</affiliation>
</editor>
<editor><persName><forename type="first">Friedemann</forename>
<surname>Mattern</surname>
</persName>
<affiliation>ETH Zurich, Zurich, Switzerland</affiliation>
</editor>
<editor><persName><forename type="first">John</forename>
<forename type="first">C.</forename>
<surname>Mitchell</surname>
</persName>
<affiliation>Stanford University, Stanford, CA, USA</affiliation>
</editor>
<editor><persName><forename type="first">Moni</forename>
<surname>Naor</surname>
</persName>
<affiliation>Weizmann Institute of Science, Rehovot, Israel</affiliation>
</editor>
<editor><persName><forename type="first">Oscar</forename>
<surname>Nierstrasz</surname>
</persName>
<affiliation>University of Bern, Bern, Switzerland</affiliation>
</editor>
<editor><persName><forename type="first">C.</forename>
<surname>Pandu Rangan</surname>
</persName>
<affiliation>Indian Institute of Technology, Madras, India</affiliation>
</editor>
<editor><persName><forename type="first">Bernhard</forename>
<surname>Steffen</surname>
</persName>
<affiliation>University of Dortmund, Dortmund, Germany</affiliation>
</editor>
<editor><persName><forename type="first">Madhu</forename>
<surname>Sudan</surname>
</persName>
<affiliation>Massachusetts Institute of Technology, MA, USA</affiliation>
</editor>
<editor><persName><forename type="first">Demetri</forename>
<surname>Terzopoulos</surname>
</persName>
<affiliation>University of California, Los Angeles, CA, USA</affiliation>
</editor>
<editor><persName><forename type="first">Doug</forename>
<surname>Tygar</surname>
</persName>
<affiliation>University of California, Berkeley, CA, USA</affiliation>
</editor>
<editor><persName><forename type="first">Moshe</forename>
<forename type="first">Y.</forename>
<surname>Vardi</surname>
</persName>
<affiliation>Rice University, Houston, TX, USA</affiliation>
</editor>
<editor><persName><forename type="first">Gerhard</forename>
<surname>Weikum</surname>
</persName>
<affiliation>Max-Planck Institute of Computer Science, Saarbrücken, Germany</affiliation>
</editor>
<biblScope><date>2010</date>
</biblScope>
<idno type="pISSN">0302-9743</idno>
<idno type="eISSN">1611-3349</idno>
<idno type="seriesId">558</idno>
</series>
<idno type="istex">8F2D3722365339EDF1BD6DAE7046314810E0FDB7</idno>
<idno type="DOI">10.1007/978-3-642-16441-5_2</idno>
<idno type="ChapterID">2</idno>
<idno type="ChapterID">Chap2</idno>
</biblStruct>
</sourceDesc>
</fileDesc>
<profileDesc><creation><date>2010</date>
</creation>
<langUsage><language ident="en">en</language>
</langUsage>
<abstract xml:lang="en"><p>Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.</p>
</abstract>
<textClass><keywords scheme="Book Subject Collection"><list><label>SUCO11645</label>
<item><term>Computer Science</term>
</item>
</list>
</keywords>
</textClass>
<textClass><keywords scheme="Book Subject Group"><list><label>I</label>
<label>I13022</label>
<label>I15033</label>
<label>I24067</label>
<label>I16021</label>
<label>I24040</label>
<label>I14050</label>
<item><term>Computer Science</term>
</item>
<item><term>Computer Communication Networks</term>
</item>
<item><term>Data Encryption</term>
</item>
<item><term>Management of Computing and Information Systems</term>
</item>
<item><term>Algorithm Analysis and Problem Complexity</term>
</item>
<item><term>Computers and Society</term>
</item>
<item><term>Systems and Data Security</term>
</item>
</list>
</keywords>
</textClass>
</profileDesc>
<revisionDesc><change when="2010">Published</change>
<change xml:id="refBibs-istex" who="#ISTEX-API" when="2016-3-19">References added</change>
<change xml:id="refBibs-istex" who="#ISTEX-API" when="2016-07-26">References added</change>
</revisionDesc>
</teiHeader>
</istex:fulltextTEI>
<json:item><original>false</original>
<mimetype>text/plain</mimetype>
<extension>txt</extension>
<uri>https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/txt</uri>
</json:item>
</fulltext>
<metadata><istex:metadataXml wicri:clean="Springer, Publisher found" wicri:toSee="no header"><istex:xmlDeclaration>version="1.0" encoding="UTF-8"</istex:xmlDeclaration>
<istex:docType PUBLIC="-//Springer-Verlag//DTD A++ V2.4//EN" URI="http://devel.springer.de/A++/V2.4/DTD/A++V2.4.dtd" name="istex:docType"></istex:docType>
<istex:document><Publisher><PublisherInfo><PublisherName>Springer Berlin Heidelberg</PublisherName>
<PublisherLocation>Berlin, Heidelberg</PublisherLocation>
</PublisherInfo>
<Series><SeriesInfo SeriesType="Series" TocLevels="0"><SeriesID>558</SeriesID>
<SeriesPrintISSN>0302-9743</SeriesPrintISSN>
<SeriesElectronicISSN>1611-3349</SeriesElectronicISSN>
<SeriesTitle Language="En">Lecture Notes in Computer Science</SeriesTitle>
</SeriesInfo>
<SeriesHeader><EditorGroup><Editor AffiliationIDS="Aff1"><EditorName DisplayOrder="Western"><GivenName>David</GivenName>
<FamilyName>Hutchison</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff2"><EditorName DisplayOrder="Western"><GivenName>Takeo</GivenName>
<FamilyName>Kanade</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff3"><EditorName DisplayOrder="Western"><GivenName>Josef</GivenName>
<FamilyName>Kittler</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff4"><EditorName DisplayOrder="Western"><GivenName>Jon</GivenName>
<GivenName>M.</GivenName>
<FamilyName>Kleinberg</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff5"><EditorName DisplayOrder="Western"><GivenName>Friedemann</GivenName>
<FamilyName>Mattern</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff6"><EditorName DisplayOrder="Western"><GivenName>John</GivenName>
<GivenName>C.</GivenName>
<FamilyName>Mitchell</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff7"><EditorName DisplayOrder="Western"><GivenName>Moni</GivenName>
<FamilyName>Naor</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff8"><EditorName DisplayOrder="Western"><GivenName>Oscar</GivenName>
<FamilyName>Nierstrasz</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff9"><EditorName DisplayOrder="Western"><GivenName>C.</GivenName>
<FamilyName>Pandu Rangan</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff10"><EditorName DisplayOrder="Western"><GivenName>Bernhard</GivenName>
<FamilyName>Steffen</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff11"><EditorName DisplayOrder="Western"><GivenName>Madhu</GivenName>
<FamilyName>Sudan</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff12"><EditorName DisplayOrder="Western"><GivenName>Demetri</GivenName>
<FamilyName>Terzopoulos</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff13"><EditorName DisplayOrder="Western"><GivenName>Doug</GivenName>
<FamilyName>Tygar</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff14"><EditorName DisplayOrder="Western"><GivenName>Moshe</GivenName>
<GivenName>Y.</GivenName>
<FamilyName>Vardi</FamilyName>
</EditorName>
</Editor>
<Editor AffiliationIDS="Aff15"><EditorName DisplayOrder="Western"><GivenName>Gerhard</GivenName>
<FamilyName>Weikum</FamilyName>
</EditorName>
</Editor>
<Affiliation ID="Aff1"><OrgName>Lancaster University</OrgName>
<OrgAddress><City>Lancaster</City>
<Country>UK</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff2"><OrgName>Carnegie Mellon University</OrgName>
<OrgAddress><City>Pittsburgh</City>
<State>PA</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff3"><OrgName>University of Surrey</OrgName>
<OrgAddress><City>Guildford</City>
<Country>UK</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff4"><OrgName>Cornell University</OrgName>
<OrgAddress><City>Ithaca</City>
<State>NY</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff5"><OrgName>ETH Zurich</OrgName>
<OrgAddress><City>Zurich</City>
<Country>Switzerland</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff6"><OrgName>Stanford University</OrgName>
<OrgAddress><City>Stanford</City>
<State>CA</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff7"><OrgName>Weizmann Institute of Science</OrgName>
<OrgAddress><City>Rehovot</City>
<Country>Israel</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff8"><OrgName>University of Bern</OrgName>
<OrgAddress><City>Bern</City>
<Country>Switzerland</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff9"><OrgName>Indian Institute of Technology</OrgName>
<OrgAddress><City>Madras</City>
<Country>India</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff10"><OrgName>University of Dortmund</OrgName>
<OrgAddress><City>Dortmund</City>
<Country>Germany</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff11"><OrgName>Massachusetts Institute of Technology</OrgName>
<OrgAddress><State>MA</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff12"><OrgName>University of California</OrgName>
<OrgAddress><City>Los Angeles</City>
<State>CA</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff13"><OrgName>University of California</OrgName>
<OrgAddress><City>Berkeley</City>
<State>CA</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff14"><OrgName>Rice University</OrgName>
<OrgAddress><City>Houston</City>
<State>TX</State>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff15"><OrgName>Max-Planck Institute of Computer Science</OrgName>
<OrgAddress><City>Saarbrücken</City>
<Country>Germany</Country>
</OrgAddress>
</Affiliation>
</EditorGroup>
</SeriesHeader>
<Book Language="En"><BookInfo BookProductType="Proceedings" ContainsESM="No" Language="En" MediaType="eBook" NumberingDepth="2" NumberingStyle="ContentOnly" OutputMedium="All" TocLevels="0"><BookID>978-3-642-16441-5</BookID>
<BookTitle>Public Key Infrastructures, Services and Applications</BookTitle>
<BookSubTitle>6th European Workshop, EuroPKI 2009, Pisa, Italy, September 10-11, 2009, Revised Selected Papers</BookSubTitle>
<BookVolumeNumber>6391</BookVolumeNumber>
<BookSequenceNumber>6391</BookSequenceNumber>
<BookDOI>10.1007/978-3-642-16441-5</BookDOI>
<BookTitleID>214273</BookTitleID>
<BookPrintISBN>978-3-642-16440-8</BookPrintISBN>
<BookElectronicISBN>978-3-642-16441-5</BookElectronicISBN>
<BookChapterCount>19</BookChapterCount>
<BookCopyright><CopyrightHolderName>Springer Berlin Heidelberg</CopyrightHolderName>
<CopyrightYear>2010</CopyrightYear>
</BookCopyright>
<BookSubjectGroup><BookSubject Code="I" Type="Primary">Computer Science</BookSubject>
<BookSubject Code="I13022" Priority="1" Type="Secondary">Computer Communication Networks</BookSubject>
<BookSubject Code="I15033" Priority="2" Type="Secondary">Data Encryption</BookSubject>
<BookSubject Code="I24067" Priority="3" Type="Secondary">Management of Computing and Information Systems</BookSubject>
<BookSubject Code="I16021" Priority="4" Type="Secondary">Algorithm Analysis and Problem Complexity</BookSubject>
<BookSubject Code="I24040" Priority="5" Type="Secondary">Computers and Society</BookSubject>
<BookSubject Code="I14050" Priority="6" Type="Secondary">Systems and Data Security</BookSubject>
<SubjectCollection Code="SUCO11645">Computer Science</SubjectCollection>
</BookSubjectGroup>
<BookContext><SeriesID>558</SeriesID>
</BookContext>
</BookInfo>
<BookHeader><EditorGroup><Editor AffiliationIDS="Aff16"><EditorName DisplayOrder="Western"><GivenName>Fabio</GivenName>
<FamilyName>Martinelli</FamilyName>
</EditorName>
<Contact><Email>Fabio.Martinelli@iit.cnr.it</Email>
</Contact>
</Editor>
<Editor AffiliationIDS="Aff17"><EditorName DisplayOrder="Western"><GivenName>Bart</GivenName>
<FamilyName>Preneel</FamilyName>
</EditorName>
<Contact><Email>bart.preneel@esat.kuleuven.be</Email>
</Contact>
</Editor>
<Affiliation ID="Aff16"><OrgDivision>National Research Council (C.N.R.)</OrgDivision>
<OrgName>Istituto di Informatica e Telematica (IIT)</OrgName>
<OrgAddress><Street>Pisa Research Area, Via. G. Moruzzi 1</Street>
<Postcode>56125</Postcode>
<City>Pisa</City>
<Country>Italy</Country>
</OrgAddress>
</Affiliation>
<Affiliation ID="Aff17"><OrgDivision>Dept. Electrical Engineering-ESAT/COSIC</OrgDivision>
<OrgName>Katholieke Universiteit Leuven</OrgName>
<OrgAddress><Street>Kasteelpark Arenberg 10</Street>
<Postbox>Bus 2446</Postbox>
<Postcode>3001</Postcode>
<City>Leuven</City>
<Country>Belgium</Country>
</OrgAddress>
</Affiliation>
</EditorGroup>
</BookHeader>
<Part ID="Part2"><PartInfo TocLevels="0"><PartID>2</PartID>
<PartSequenceNumber>2</PartSequenceNumber>
<PartTitle>Certificates and Revocation</PartTitle>
<PartChapterCount>3</PartChapterCount>
<PartContext><SeriesID>558</SeriesID>
<BookTitle>Public Key Infrastructures, Services and Applications</BookTitle>
</PartContext>
</PartInfo>
<Chapter ID="Chap2" Language="En"><ChapterInfo ChapterType="OriginalPaper" ContainsESM="No" NumberingDepth="2" NumberingStyle="ContentOnly" TocLevels="0"><ChapterID>2</ChapterID>
<ChapterDOI>10.1007/978-3-642-16441-5_2</ChapterDOI>
<ChapterSequenceNumber>2</ChapterSequenceNumber>
<ChapterTitle Language="En">A Computational Framework for Certificate Policy Operations</ChapterTitle>
<ChapterFirstPage>17</ChapterFirstPage>
<ChapterLastPage>33</ChapterLastPage>
<ChapterCopyright><CopyrightHolderName>Springer-Verlag Berlin Heidelberg</CopyrightHolderName>
<CopyrightYear>2010</CopyrightYear>
</ChapterCopyright>
<ChapterGrants Type="Regular"><MetadataGrant Grant="OpenAccess"></MetadataGrant>
<AbstractGrant Grant="OpenAccess"></AbstractGrant>
<BodyPDFGrant Grant="Restricted"></BodyPDFGrant>
<BodyHTMLGrant Grant="Restricted"></BodyHTMLGrant>
<BibliographyGrant Grant="Restricted"></BibliographyGrant>
<ESMGrant Grant="Restricted"></ESMGrant>
</ChapterGrants>
<ChapterContext><SeriesID>558</SeriesID>
<PartID>2</PartID>
<BookID>978-3-642-16441-5</BookID>
<BookTitle>Public Key Infrastructures, Services and Applications</BookTitle>
</ChapterContext>
</ChapterInfo>
<ChapterHeader><AuthorGroup><Author AffiliationIDS="Aff18"><AuthorName DisplayOrder="Western"><GivenName>Gabriel</GivenName>
<GivenName>A.</GivenName>
<FamilyName>Weaver</FamilyName>
</AuthorName>
</Author>
<Author AffiliationIDS="Aff18"><AuthorName DisplayOrder="Western"><GivenName>Scott</GivenName>
<FamilyName>Rea</FamilyName>
</AuthorName>
</Author>
<Author AffiliationIDS="Aff18"><AuthorName DisplayOrder="Western"><GivenName>Sean</GivenName>
<GivenName>W.</GivenName>
<FamilyName>Smith</FamilyName>
</AuthorName>
</Author>
<Affiliation ID="Aff18"><OrgName>Dartmouth College</OrgName>
<OrgAddress><City>Hanover</City>
<Postcode>NH 03755</Postcode>
<Country>USA</Country>
</OrgAddress>
</Affiliation>
</AuthorGroup>
<Abstract ID="Abs1" Language="En"><Heading>Abstract</Heading>
<Para>The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current <Emphasis Type="Italic">manual</Emphasis>
 processes fall short of these goals, we designed, built, and tested <Emphasis Type="Italic">computational</Emphasis>
 tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our <Emphasis Type="Italic">PKI Policy Repository</Emphasis>
, <Emphasis Type="Italic">PolicyBuilder</Emphasis>
, and <Emphasis Type="Italic">PolicyReporter</Emphasis>
 improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.</Para>
</Abstract>
<KeywordGroup Language="En"><Heading>Keywords</Heading>
<Keyword>PKI</Keyword>
<Keyword>Certificate Policy Formalization</Keyword>
<Keyword>XML</Keyword>
</KeywordGroup>
<ArticleNote Type="Misc"><SimplePara>This work was supported in part by the NSF (under grant CNS-0448499), the U.S. Department of Homeland Security (under Grant Award Number 2006-CS-001-000001), and AT&T. The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of any of the sponsors.</SimplePara>
</ArticleNote>
</ChapterHeader>
<NoBody></NoBody>
</Chapter>
</Part>
</Book>
</Series>
</Publisher>
</istex:document>
</istex:metadataXml>
<mods version="3.6"><titleInfo lang="en"><title>A Computational Framework for Certificate Policy Operations</title>
</titleInfo>
<titleInfo type="alternative" contentType="CDATA" lang="en"><title>A Computational Framework for Certificate Policy Operations</title>
</titleInfo>
<name type="personal"><namePart type="given">Gabriel</namePart>
<namePart type="given">A.</namePart>
<namePart type="family">Weaver</namePart>
<affiliation>Dartmouth College, NH 03755, Hanover, USA</affiliation>
<role><roleTerm type="text">author</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Scott</namePart>
<namePart type="family">Rea</namePart>
<affiliation>Dartmouth College, NH 03755, Hanover, USA</affiliation>
<role><roleTerm type="text">author</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Sean</namePart>
<namePart type="given">W.</namePart>
<namePart type="family">Smith</namePart>
<affiliation>Dartmouth College, NH 03755, Hanover, USA</affiliation>
<role><roleTerm type="text">author</roleTerm>
</role>
</name>
<typeOfResource>text</typeOfResource>
<genre type="conference" displayLabel="OriginalPaper"></genre>
<originInfo><publisher>Springer Berlin Heidelberg</publisher>
<place><placeTerm type="text">Berlin, Heidelberg</placeTerm>
</place>
<dateIssued encoding="w3cdtf">2010</dateIssued>
<copyrightDate encoding="w3cdtf">2010</copyrightDate>
</originInfo>
<language><languageTerm type="code" authority="rfc3066">en</languageTerm>
<languageTerm type="code" authority="iso639-2b">eng</languageTerm>
</language>
<physicalDescription><internetMediaType>text/html</internetMediaType>
</physicalDescription>
<abstract lang="en">Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.</abstract>
<relatedItem type="host"><titleInfo><title>Public Key Infrastructures, Services and Applications</title>
<subTitle>6th European Workshop, EuroPKI 2009, Pisa, Italy, September 10-11, 2009, Revised Selected Papers</subTitle>
</titleInfo>
<name type="personal"><namePart type="given">Fabio</namePart>
<namePart type="family">Martinelli</namePart>
<affiliation>National Research Council (C.N.R.), Istituto di Informatica e Telematica (IIT), Pisa Research Area, Via. G. Moruzzi 1, 56125, Pisa, Italy</affiliation>
<affiliation>E-mail: Fabio.Martinelli@iit.cnr.it</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Bart</namePart>
<namePart type="family">Preneel</namePart>
<affiliation>Dept. Electrical Engineering-ESAT/COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, Bus 2446, 3001, Leuven, Belgium</affiliation>
<affiliation>E-mail: bart.preneel@esat.kuleuven.be</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<genre type="book-series" displayLabel="Proceedings"></genre>
<originInfo><copyrightDate encoding="w3cdtf">2010</copyrightDate>
<issuance>monographic</issuance>
</originInfo>
<subject><genre>Book-Subject-Collection</genre>
<topic authority="SpringerSubjectCodes" authorityURI="SUCO11645">Computer Science</topic>
</subject>
<subject><genre>Book-Subject-Group</genre>
<topic authority="SpringerSubjectCodes" authorityURI="I">Computer Science</topic>
<topic authority="SpringerSubjectCodes" authorityURI="I13022">Computer Communication Networks</topic>
<topic authority="SpringerSubjectCodes" authorityURI="I15033">Data Encryption</topic>
<topic authority="SpringerSubjectCodes" authorityURI="I24067">Management of Computing and Information Systems</topic>
<topic authority="SpringerSubjectCodes" authorityURI="I16021">Algorithm Analysis and Problem Complexity</topic>
<topic authority="SpringerSubjectCodes" authorityURI="I24040">Computers and Society</topic>
<topic authority="SpringerSubjectCodes" authorityURI="I14050">Systems and Data Security</topic>
</subject>
<identifier type="DOI">10.1007/978-3-642-16441-5</identifier>
<identifier type="ISBN">978-3-642-16440-8</identifier>
<identifier type="eISBN">978-3-642-16441-5</identifier>
<identifier type="ISSN">0302-9743</identifier>
<identifier type="eISSN">1611-3349</identifier>
<identifier type="BookTitleID">214273</identifier>
<identifier type="BookID">978-3-642-16441-5</identifier>
<identifier type="BookChapterCount">19</identifier>
<identifier type="BookVolumeNumber">6391</identifier>
<identifier type="BookSequenceNumber">6391</identifier>
<identifier type="PartChapterCount">3</identifier>
<part><date>2010</date>
<detail type="part"><title>Certificates and Revocation</title>
</detail>
<detail type="volume"><number>6391</number>
<caption>vol.</caption>
</detail>
<extent unit="pages"><start>17</start>
<end>33</end>
</extent>
</part>
<recordInfo><recordOrigin>Springer Berlin Heidelberg, 2010</recordOrigin>
</recordInfo>
</relatedItem>
<relatedItem type="series"><titleInfo><title>Lecture Notes in Computer Science</title>
</titleInfo>
<name type="personal"><namePart type="given">David</namePart>
<namePart type="family">Hutchison</namePart>
<affiliation>Lancaster University, Lancaster, UK</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Takeo</namePart>
<namePart type="family">Kanade</namePart>
<affiliation>Carnegie Mellon University, Pittsburgh, PA, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Josef</namePart>
<namePart type="family">Kittler</namePart>
<affiliation>University of Surrey, Guildford, UK</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Jon</namePart>
<namePart type="given">M.</namePart>
<namePart type="family">Kleinberg</namePart>
<affiliation>Cornell University, Ithaca, NY, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Friedemann</namePart>
<namePart type="family">Mattern</namePart>
<affiliation>ETH Zurich, Zurich, Switzerland</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">John</namePart>
<namePart type="given">C.</namePart>
<namePart type="family">Mitchell</namePart>
<affiliation>Stanford University, Stanford, CA, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Moni</namePart>
<namePart type="family">Naor</namePart>
<affiliation>Weizmann Institute of Science, Rehovot, Israel</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Oscar</namePart>
<namePart type="family">Nierstrasz</namePart>
<affiliation>University of Bern, Bern, Switzerland</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">C.</namePart>
<namePart type="family">Pandu Rangan</namePart>
<affiliation>Indian Institute of Technology, Madras, India</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Bernhard</namePart>
<namePart type="family">Steffen</namePart>
<affiliation>University of Dortmund, Dortmund, Germany</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Madhu</namePart>
<namePart type="family">Sudan</namePart>
<affiliation>Massachusetts Institute of Technology, MA, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Demetri</namePart>
<namePart type="family">Terzopoulos</namePart>
<affiliation>University of California, Los Angeles, CA, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Doug</namePart>
<namePart type="family">Tygar</namePart>
<affiliation>University of California, Berkeley, CA, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Moshe</namePart>
<namePart type="given">Y.</namePart>
<namePart type="family">Vardi</namePart>
<affiliation>Rice University, Houston, TX, USA</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<name type="personal"><namePart type="given">Gerhard</namePart>
<namePart type="family">Weikum</namePart>
<affiliation>Max-Planck Institute of Computer Science, Saarbrücken, Germany</affiliation>
<role><roleTerm type="text">editor</roleTerm>
</role>
</name>
<originInfo><copyrightDate encoding="w3cdtf">2010</copyrightDate>
<issuance>serial</issuance>
</originInfo>
<identifier type="ISSN">0302-9743</identifier>
<identifier type="eISSN">1611-3349</identifier>
<identifier type="SeriesID">558</identifier>
<recordInfo><recordOrigin>Springer Berlin Heidelberg, 2010</recordOrigin>
</recordInfo>
</relatedItem>
<identifier type="istex">8F2D3722365339EDF1BD6DAE7046314810E0FDB7</identifier>
<identifier type="DOI">10.1007/978-3-642-16441-5_2</identifier>
<identifier type="ChapterID">2</identifier>
<identifier type="ChapterID">Chap2</identifier>
<accessCondition type="use and reproduction" contentType="copyright">Springer Berlin Heidelberg, 2010</accessCondition>
<recordInfo><recordContentSource>SPRINGER</recordContentSource>
<recordOrigin>Springer-Verlag Berlin Heidelberg, 2010</recordOrigin>
</recordInfo>
</mods>
</metadata>
<enrichments><istex:refBibTEI uri="https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/enrichments/refBib"><teiHeader></teiHeader>
<text><front></front>
<body></body>
<back><listBibl><biblStruct xml:id="b0"><monogr><title level="m" type="main">Reformatting Entity CP's into RFC 3647 Format</title>
<author><persName><forename type="first">P</forename>
<surname>Alterman</surname>
</persName>
</author>
<imprint><date type="published" when="2006-11"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b1"><analytic><title level="a" type="main">Decentralized Trust Management</title>
<author><persName><forename type="first">M</forename>
<surname>Blaze</surname>
</persName>
</author>
<author><persName><forename type="first">J</forename>
<surname>Feigenbaum</surname>
</persName>
</author>
<author><persName><forename type="first">J</forename>
<surname>Lacy</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">IEEE Symposium on Security and Privacy</title>
<imprint><date type="published" when="1996"></date>
<biblScope unit="page" from="164" to="173"></biblScope>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b2"><monogr><title level="m" type="main">RFC 2119: Key words for use in RFCs to Indicate Requirement Levels</title>
<author><persName><forename type="first">S</forename>
<surname>Bradner</surname>
</persName>
</author>
<imprint><date type="published" when="1997-03"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b3"><monogr><title level="m" type="main">TEI P5: Guidelines for Electronic Text Encoding and Interchange</title>
<author><persName><forename type="first">L</forename>
<surname>Burnard</surname>
</persName>
</author>
<author><persName><forename type="first">S</forename>
<surname>Bauman</surname>
</persName>
</author>
<imprint><date type="published" when="2007"></date>
</imprint>
</monogr>
<note>5th. edn</note>
</biblStruct>
<biblStruct xml:id="b4"><monogr><title level="m" type="main">Assertions and Protocols for the OASIS Security Assertion Markup Language</title>
<author><persName><forename type="first">S</forename>
<surname>Cantor</surname>
</persName>
</author>
<author><persName><forename type="first">J</forename>
<surname>Kemp</surname>
</persName>
</author>
<author><persName><forename type="first">R</forename>
<surname>Philpott</surname>
</persName>
</author>
<author><persName><forename type="first">E</forename>
<surname>Maler</surname>
</persName>
</author>
<imprint><date type="published" when="2005"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b5"><analytic><title level="a" type="main">An Innovative Policy-Based Cross Certification Methodology for Public Key Infrastructures Policy Formalization to Combine Separate Systems into Larger Connected Network of Trust</title>
<author><persName><forename type="first">V</forename>
<surname>Casola</surname>
</persName>
</author>
<author><persName><forename type="first">A</forename>
<surname>Mazzeo</surname>
</persName>
</author>
<author><persName><forename type="first">N</forename>
<surname>Mazzocca</surname>
</persName>
</author>
<author><persName><forename type="first">M</forename>
<surname>Rak</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">EuroPKI 2005</title>
<editor>Chadwick, D., Zhao, G.</editor>
<meeting><address><addrLine>Heidelberg ; Casola, V., Mazzeo, A., Mazzocca, N., Vittorini, V.</addrLine>
</address>
</meeting>
<imprint><publisher>Springer</publisher>
<date type="published" when="2002"></date>
<biblScope unit="page" from="100" to="117"></biblScope>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b6"><monogr><title level="m" type="main">RBAC Policies in XML for X.509 Based Privilege Management</title>
<author><persName><forename type="first">D</forename>
<forename type="middle">W</forename>
<surname>Chadwick</surname>
</persName>
</author>
<author><persName><forename type="first">A</forename>
<surname>Otenko</surname>
</persName>
</author>
<imprint><date type="published" when="2002"></date>
<publisher>SEC</publisher>
<biblScope unit="page">39</biblScope>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b7"><analytic><title level="a" type="main">The Virtuous Circle of Expressing Authorization Policies</title>
<author><persName><forename type="first">D</forename>
<forename type="middle">W</forename>
<surname>Chadwick</surname>
</persName>
</author>
<author><persName><forename type="first">A</forename>
<surname>Sasse</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">Semantic Web Policy Workshop</title>
<imprint><date type="published" when="2006"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b8"><monogr><title level="m" type="main">RFC 2527: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework</title>
<author><persName><forename type="first">S</forename>
<surname>Chokhani</surname>
</persName>
</author>
<author><persName><forename type="first">W</forename>
<surname>Ford</surname>
</persName>
</author>
<imprint><date type="published" when="1999-03"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b9"><analytic><title></title>
<author><persName><forename type="first">S</forename>
<surname>Chokhani</surname>
</persName>
</author>
<author><persName><forename type="first">W</forename>
<surname>Ford</surname>
</persName>
</author>
<author><persName><forename type="first">R</forename>
<surname>Sabett</surname>
</persName>
</author>
<author><persName><forename type="first">C</forename>
<surname>Merrill</surname>
</persName>
</author>
<author><persName><forename type="first">S</forename>
<surname>Wu</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework</title>
<imprint><date type="published" when="2003-11"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b10"><monogr><title level="m" type="main">The Perseus Digital Library from http</title>
<author><persName><forename type="first">G</forename>
<surname>Crane</surname>
</persName>
</author>
<imprint><date type="published" when="2009-03-29"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b11"><monogr><title level="m" type="main">CTS-URNs: Overview</title>
<author><persName><forename type="first">D</forename>
<surname>Smith</surname>
</persName>
</author>
<imprint><date type="published" when="2008-12"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b12"><monogr><title level="m" type="main">The Homer Multitext Project</title>
<author><persName><forename type="first">C</forename>
<surname>Dué</surname>
</persName>
</author>
<author><persName><forename type="first">M</forename>
<surname>Ebbott</surname>
</persName>
</author>
<author><persName><forename type="first">C</forename>
<surname>Blackwell</surname>
</persName>
</author>
<author><persName><forename type="first">D</forename>
<surname>Smith</surname>
</persName>
</author>
<imprint><date type="published" when="2007-03-29"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b13"><monogr><title level="m" type="main">The Implementation of a System for Evaluating Trust in a PKI Environment. Paper presented at the Trust in the Network Economy</title>
<author><persName><forename type="first">E</forename>
<surname>Ball</surname>
</persName>
</author>
<author><persName><forename type="first">D</forename>
<forename type="middle">W</forename>
<surname>Chadwick</surname>
</persName>
</author>
<author><persName><forename type="first">A</forename>
<surname>Basden</surname>
</persName>
</author>
<imprint><date type="published" when="2003"></date>
<pubPlace>Evolaris</pubPlace>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b14"><analytic><title></title>
<author><persName><surname>Anonymized For Submission</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">Canonical Text Services CTS</title>
<imprint><date type="published" when="2009-03-29"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b15"><monogr><title></title>
<author><persName><forename type="first">R</forename>
<surname>Gold</surname>
</persName>
</author>
<imprint><date type="published" when="1997"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b16"><analytic><title level="a" type="main">Security Policies in OSI-Management Experiences from the DeTeBerkom Project BMSec</title>
<author><persName><forename type="first">R</forename>
<surname>Grimm</surname>
</persName>
</author>
<author><persName><forename type="first">T</forename>
<surname>Hetschold</surname>
</persName>
</author>
</analytic>
<monogr><title level="j">Computer Networks and ISDN Systems</title>
<imprint><biblScope unit="volume">28</biblScope>
<biblScope unit="page">499</biblScope>
<date type="published" when="1996"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b17"><monogr><title level="m" type="main">Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure</title>
<author><persName><forename type="first">R</forename>
<surname>Housley</surname>
</persName>
</author>
<author><persName><forename type="first">T</forename>
<surname>Polk</surname>
</persName>
</author>
<imprint><date type="published" when="2001-03-29"></date>
<publisher>Wiley Computer Publishing</publisher>
<pubPlace>Chichester</pubPlace>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b18"><monogr><title level="m" type="main">Public Key Infrastructure for Financial Services—Practices and Policy Framework</title>
<author><persName><forename type="first">Iso</forename>
<surname>21188</surname>
</persName>
</author>
<imprint><date type="published" when="2006"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b19"><monogr><title level="m" type="main">Presentation for the CAOPS-IGTF session at OGF25</title>
<author><persName><forename type="first">J</forename>
<surname>Jensen</surname>
</persName>
</author>
<imprint><date type="published" when="2009-03"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b20"><analytic><title level="a" type="main">A Formalisation and Evaluation of Certificate Policies</title>
<author><persName><forename type="first">T</forename>
<surname>Klobucar</surname>
</persName>
</author>
<author><persName><forename type="first">B</forename>
<forename type="middle">J</forename>
<surname>Blazic</surname>
</persName>
</author>
</analytic>
<monogr><title level="j">Computer Communications</title>
<imprint><biblScope unit="volume">22</biblScope>
<biblScope unit="page">1104</biblScope>
<date type="published" when="1999"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b21"><analytic><title level="a" type="main">Auditing and Certification of a Public Key Infrastructure</title>
<author><persName><forename type="first">R</forename>
<surname>Koorn</surname>
</persName>
</author>
<author><persName><forename type="first">P</forename>
<surname>Van Walsem</surname>
</persName>
</author>
<author><persName><forename type="first">M</forename>
<surname>Lundin</surname>
</persName>
</author>
</analytic>
<monogr><title level="j">Information Systems Control Journal</title>
<imprint><biblScope unit="volume">5</biblScope>
<date type="published" when="2002"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b22"><analytic><title level="a" type="main">A New Approach to the X.509 Framework: Allowing a Global Authentication Infrastructure without a Global Trust Model</title>
<author><persName><forename type="first">S</forename>
<surname>Mendes</surname>
</persName>
</author>
<author><persName><forename type="first">C</forename>
<surname>Huitema</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">Network and Distributed System Security</title>
<imprint><date type="published" when="1995"></date>
<biblScope unit="page" from="172" to="189"></biblScope>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b23"><monogr><title level="m" type="main">eXtensible Access Control Markup Language XACML Version 2</title>
<author><persName><forename type="first">T</forename>
<surname>Moses</surname>
</persName>
</author>
<imprint><date type="published" when="2005"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b24"><analytic><title level="a" type="main">Extending PKI Interoperability in Computational Grids</title>
<author><persName><forename type="first">M</forename>
<surname>Pala</surname>
</persName>
</author>
<author><persName><forename type="first">S</forename>
<surname>Cholia</surname>
</persName>
</author>
<author><persName><forename type="first">S</forename>
<surname>Rea</surname>
</persName>
</author>
<author><persName><forename type="first">S</forename>
<surname>Smith</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">IEEE International Symposium on Cluster Computing and the Grid</title>
<imprint><date type="published" when="2008"></date>
<biblScope unit="page" from="645" to="650"></biblScope>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b25"><monogr><title level="m" type="main">Beginning XML Databases</title>
<author><persName><forename type="first">G</forename>
<surname>Powell</surname>
</persName>
</author>
<imprint><date type="published" when="2007"></date>
<publisher>Wiley Publishing</publisher>
<biblScope unit="page">260</biblScope>
<pubPlace>Chichester</pubPlace>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b26"><analytic><title level="a" type="main">A Critical View on RFC 3647 Anonymized For Submission. Applying Domain Knowledge from Structured Citation Formats to Text and Data Mining: Examples Using the CITE Architecture</title>
<author><persName><forename type="first">K</forename>
<surname>Schmeh</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">EuroPKI 2007 Text Mining Services</title>
<editor>López, J., Samarati, P., Ferrer, J.L.</editor>
<meeting><address><addrLine>Heidelberg</addrLine>
</address>
</meeting>
<imprint><publisher>Springer</publisher>
<date type="published" when="2007"></date>
<biblScope unit="page" from="369" to="32"></biblScope>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b27"><analytic><title level="a" type="main">Guidelines for Auditing Grid CAs version 1</title>
<author><persName><forename type="first">Y</forename>
<surname>Tanaka</surname>
</persName>
</author>
<author><persName><forename type="first">M</forename>
<surname>Viljoen</surname>
</persName>
</author>
<author><persName><forename type="first">S</forename>
<surname>Rea</surname>
</persName>
</author>
</analytic>
<monogr><title level="m">AuditGuidelines-Feb26_2009.pdf</title>
<imprint><date type="published" when="2009-02"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b28"><analytic><title level="a" type="main">Security Policy Space Definition and Structuring</title>
<author><persName><forename type="first">D</forename>
<surname>Trcek</surname>
</persName>
</author>
<author><persName><forename type="first">B</forename>
<surname>Jerman-Blazic</surname>
</persName>
</author>
<author><persName><forename type="first">N</forename>
<surname>Pavesic</surname>
</persName>
</author>
</analytic>
<monogr><title level="j">Computer Standards & Interfaces</title>
<imprint><biblScope unit="volume">18</biblScope>
<biblScope unit="issue">2</biblScope>
<biblScope unit="page" from="191" to="195"></biblScope>
<date type="published" when="1996"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b29"><analytic><title></title>
</analytic>
<monogr><title level="m">Trust Services Principles, Criteria and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy</title>
<editor>05A9970C-A574-406D-BE82-5BE60D17F90F</editor>
<imprint><date type="published" when="2006-03-29"></date>
</imprint>
</monogr>
</biblStruct>
<biblStruct xml:id="b30"><monogr><title level="m" type="main">DocBook: The Definitive Guide</title>
<author><persName><forename type="first">N</forename>
<surname>Walsh</surname>
</persName>
</author>
<author><persName><forename type="first">L</forename>
<surname>Muellner</surname>
</persName>
</author>
<imprint><date type="published" when="1999-07"></date>
</imprint>
</monogr>
</biblStruct>
</listBibl>
</back>
</text>
</istex:refBibTEI>
<json:item><type>refBibs</type>
<uri>https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/enrichments/refBibs</uri>
</json:item>
</enrichments>
</istex>
</record>

Pour manipuler ce document sous Unix (Dilib)

EXPLOR_STEP=$WICRI_ROOT/Wicri/Ticri/explor/TeiVM2/Data/Istex/Corpus

HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000428 | SxmlIndent | more

HfdSelect -h $EXPLOR_AREA/Data/Istex/Corpus/biblio.hfd -nk 000428 | SxmlIndent | more

Pour mettre un lien sur cette page dans le réseau Wicri

{{Explor lien
   |wiki=    Wicri/Ticri
   |area=    TeiVM2
   |flux=    Istex
   |étape=   Corpus
   |type=    RBID
   |clé=     ISTEX:8F2D3722365339EDF1BD6DAE7046314810E0FDB7
   |texte=   A Computational Framework for Certificate Policy Operations
}}

This area was generated with Dilib version V0.6.31.
Data generation: Mon Oct 30 21:59:18 2017. Site generation: Sun Feb 11 23:16:06 2024

	Serveur d'exploration sur la TEI
	Attention, ce site est en cours de développement ! Attention, site généré par des moyens informatiques à partir de corpus bruts. Les informations ne sont donc pas validées.

Serveur d'exploration sur la TEI

A Computational Framework for Certificate Policy Operations

A Computational Framework for Certificate Policy Operations

Source :

Abstract

Links to Exploration step

Le document en format XML

Pour manipuler ce document sous Unix (Dilib)

Pour mettre un lien sur cette page dans le réseau Wicri