19 research outputs found
Towards a Flexible Intra-Trustcenter Management Protocol
This paper proposes the Intra Trustcenter Protocol (ITP), a flexible and
secure management protocol for communication between arbitrary trustcenter
components. Unlike other existing protocols (like PKCS#7, CMP or XKMS) ITP
focuses on the communication within a trustcenter. It is powerful enough for
transferring complex messages which are machine and human readable and easy to
understand. In addition it includes an extension mechanism to be prepared for
future developments. Comment: 12 pages, 0 figures; in The Third International Workshop for Applied
PKI (IWAP2004
Notification Services for the Server-Based Certificate Validation Protocol
The Server-Based Certificate Validation Protocol allows PKI clients to delegate to a server the construction or validation of certification paths. The protocol’s specification focuses on the communication between the server and the client and its security. It does not discuss how the servers can efficiently locate the necessary PKI resources like certificates or certificate revocation lists. In this paper we concentrate on this topic. We present a simple and effective method to facilitate locating and using various PKI resources by the servers, without modifying the protocol. We use the extension mechanism of the protocol for notifying the servers about PKI repositories, certificates, and revocations. We specify the tasks of the servers and certificate issuers and define the messages that are exchanged between them. A proof of concept is given by implementing an SCVP server, a client, and the proposed method in Java.
Towards Secure Electronic Workflows Examples of Applied PKI Supervisor:
I hereby declare that I have written this diploma thesis independently and using exclusively the sources and aids indicated. This thesis has not previously been submitted in the same or a similar form to any examination authority. Darmstadt, 14 February 200
Using LDAP Directories for Management of PKI Processes
We present a framework for extending the functionality of LDAP servers from their typical use as a public directory in public key infrastructures. In this framework the LDAP servers are used for administrating infrastructure processes. One application of this framework is a method for providing proof-of-possession, especially in the case of encryption keys. Another one is the secure delivery of software personal security environments.
Planning for Directory Services in Public Key Infrastructures
In this paper we provide a guide for public key infrastructure designers and administrators when planning for directory services. We concentrate on the LDAP directories and how they can be used to successfully publish PKI information. We analyse their available mechanisms and propose a best practice guide for use in PKI.
The Workshop - Implementing Well Structured Enterprise Applications
We specify an abstraction layer to be used between an enterprise application
and the utilized enterprise framework (like J2EE or .NET). This specification
is called the Workshop. It provides an intuitive metaphor supporting the
programmer in designing easily understandable code. We present an implementation
of this specification. It is based upon the J2EE framework and is called the
JWorkshop. As a proof of concept we implement a special certification authority
called the Key Authority based upon the JWorkshop. The mentioned certification
authority runs very successfully in a variety of different real world projects. Comment: 7 pages (ieee), 1 figure, accepted for SERP'0