Towards a Flexible Intra-Trustcenter Management Protocol

This paper proposes the Intra Trustcenter Protocol (ITP), a flexible and secure management protocol for communication between arbitrary trustcenter components. Unlike other existing protocols (like PKCS#7, CMP or XKMS) ITP focuses on the communication within a trustcenter. It is powerful enough for transferring complex messages which are machine and human readable and easy to understand. In addition it includes an extension mechanism to be prepared for future developments.Comment: 12 pages, 0 figures; in The Third International Workshop for Applied PKI (IWAP2004

Using LDAP Directories for Management of PKI Processes

We present a framework for extending the functionality of LDAP servers from their typical use as a public directory in public key infrastructures. In this framework the LDAP servers are used for administrating infrastructure processes. One application of this framework is a method for providing proof-of-possession, especially in the case of encryption keys. Another one is the secure delivery of software personal security environments

On Securing Unix Systems with Smart Cards

Abstract. The subject of this paper is to give an overview of the state of the art in securing Unix-based workstations by means of PKIs and smart cards. Firstly, we discuss the basic principles of the operating mode and the existing standards. Following this, we explore technical demands of smart cards and the respective software. We focus on a survey of available card readers, smart cards and the current state of open source-projects regarding the use of smart cards. An evaluation of the present state of smart card-development marks the end of the work

Towards Secure Electronic Workflows

Abstract. Despite the introduction of information technologies in governmental administrations, most bureaucratic processes are still paperbased. In this paper we present a framework to transfer conventional, paper-based processes to electronic workflows. Thereby, the transformation to e-Government applications has two challenges. First, to find an equivalent description for the single activities and their interaction for defining the entire process. Second, to ensure the security of the process. We identified four types of activities that can be used as basic components for the workflows considered in our work. The security aspects of the electronic representation are ensured by further framework components, for example authentication or authorization. Finally, we present how this framework can be used for other scenarios and discuss some details of our prototype implementation