A Computational Framework for Certificate Policy Operations
Identifieur interne : 000070 ( Main/Exploration ); précédent : 000069; suivant : 000071A Computational Framework for Certificate Policy Operations
Auteurs : A. Weaver [États-Unis] ; Scott Rea [États-Unis] ; W. Smith [États-Unis]Source :
- Lecture Notes in Computer Science [ 0302-9743 ] ; 2010.
Abstract
Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.
Url:
DOI: 10.1007/978-3-642-16441-5_2
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream Istex, to step Corpus: 000428
- to stream Istex, to step Curation: 000428
- to stream Istex, to step Checkpoint: 000041
- to stream Main, to step Merge: 000070
- to stream Main, to step Curation: 000070
Le document en format XML
<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">A Computational Framework for Certificate Policy Operations</title><author><name sortKey="Weaver, A" sort="Weaver, A" uniqKey="Weaver A" first="A." last="Weaver">A. Weaver</name></author><author><name sortKey="Rea, Scott" sort="Rea, Scott" uniqKey="Rea S" first="Scott" last="Rea">Scott Rea</name></author><author><name sortKey="Smith, W" sort="Smith, W" uniqKey="Smith W" first="W." last="Smith">W. Smith</name></author></titleStmt><publicationStmt><idno type="wicri:source">ISTEX</idno><idno type="RBID">ISTEX:8F2D3722365339EDF1BD6DAE7046314810E0FDB7</idno><date when="2010" year="2010">2010</date><idno type="doi">10.1007/978-3-642-16441-5_2</idno><idno type="url">https://api.istex.fr/document/8F2D3722365339EDF1BD6DAE7046314810E0FDB7/fulltext/pdf</idno><idno type="wicri:Area/Istex/Corpus">000428</idno><idno type="wicri:Area/Istex/Curation">000428</idno><idno type="wicri:Area/Istex/Checkpoint">000041</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Checkpoint">000041</idno><idno type="wicri:doubleKey">0302-9743:2010:Weaver A:a:computational:framework</idno><idno type="wicri:Area/Main/Merge">000070</idno><idno type="wicri:Area/Main/Curation">000070</idno><idno type="wicri:Area/Main/Exploration">000070</idno></publicationStmt><sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">A Computational Framework for Certificate Policy Operations</title><author><name sortKey="Weaver, A" sort="Weaver, A" uniqKey="Weaver A" first="A." last="Weaver">A. Weaver</name><affiliation wicri:level="1"><country xml:lang="fr">États-Unis</country><wicri:regionArea>Dartmouth College, NH 03755, Hanover</wicri:regionArea><wicri:noRegion>Hanover</wicri:noRegion></affiliation></author><author><name sortKey="Rea, Scott" sort="Rea, Scott" uniqKey="Rea S" first="Scott" last="Rea">Scott Rea</name><affiliation wicri:level="1"><country xml:lang="fr">États-Unis</country><wicri:regionArea>Dartmouth College, NH 03755, Hanover</wicri:regionArea><wicri:noRegion>Hanover</wicri:noRegion></affiliation></author><author><name sortKey="Smith, W" sort="Smith, W" uniqKey="Smith W" first="W." last="Smith">W. Smith</name><affiliation wicri:level="1"><country xml:lang="fr">États-Unis</country><wicri:regionArea>Dartmouth College, NH 03755, Hanover</wicri:regionArea><wicri:noRegion>Hanover</wicri:noRegion></affiliation></author></analytic><monogr></monogr><series><title level="s">Lecture Notes in Computer Science</title><imprint><date>2010</date></imprint><idno type="ISSN">0302-9743</idno><idno type="eISSN">1611-3349</idno><idno type="ISSN">0302-9743</idno></series><idno type="istex">8F2D3722365339EDF1BD6DAE7046314810E0FDB7</idno><idno type="DOI">10.1007/978-3-642-16441-5_2</idno><idno type="ChapterID">2</idno><idno type="ChapterID">Chap2</idno></biblStruct></sourceDesc><seriesStmt><idno type="ISSN">0302-9743</idno></seriesStmt></fileDesc><profileDesc><textClass></textClass><langUsage><language ident="en">en</language></langUsage></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">Abstract: The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in the context of global e-Science infrastructures, financial institutions, and the U.S. Federal government demands efficient, transparent, and reproducible policy decisions. Since current manual processes fall short of these goals, we designed, built, and tested computational tools to process the citation schemes of X.509 certificate policies defined in RFC 2527 and RFC 3647. Our PKI Policy Repository, PolicyBuilder, and PolicyReporter improve the consistency of certificate policy operations as actually practiced in compliance audits, grid accreditation, and policy mapping for bridging PKIs. Anecdotal and experimental evaluation of our tools on real-world tasks establishes their actual utility and suggests how machine-actionable policy might empower individuals to make informed trust decisions in the future.</div></front></TEI><affiliations><list><country><li>États-Unis</li></country></list><tree><country name="États-Unis"><noRegion><name sortKey="Weaver, A" sort="Weaver, A" uniqKey="Weaver A" first="A." last="Weaver">A. Weaver</name></noRegion><name sortKey="Rea, Scott" sort="Rea, Scott" uniqKey="Rea S" first="Scott" last="Rea">Scott Rea</name><name sortKey="Smith, W" sort="Smith, W" uniqKey="Smith W" first="W." last="Smith">W. Smith</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Ticri/explor/TeiVM2/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000070 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 000070 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Ticri
|area= TeiVM2
|flux= Main
|étape= Exploration
|type= RBID
|clé= ISTEX:8F2D3722365339EDF1BD6DAE7046314810E0FDB7
|texte= A Computational Framework for Certificate Policy Operations
}}
| This area was generated with Dilib version V0.6.31. |  |