Abstract
For providing a privacy-enhanced access only for an appropriate user, anonymous access such as anonymous FTP is too weak because a service provider cannot know about a client, while authentication-based access control such as PKIX (Public Key Infrastructure with X.509) is too strong because ID information on a client is exposed to a service-provider. Instead, we present a new access control scheme by using SPKI (Simple Public Key Infrastructure), since an authorization certificate based on SPKI does not carry any ID information. This scheme needs additional mechanism for the server and clients such as issuing, delegating, validating, and revoking certificates. A web-based privacy-enhanced access control is designed on the basis of the proposed scheme and implemented by Java. The resulting system shows that the proposed scheme works well with a small amount of overheads being introduced into a normal web server.
Original language | English |
---|---|
Title of host publication | Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE |
Publisher | IEEE Computer Society |
Pages | 201-206 |
Number of pages | 6 |
Volume | 2000-January |
ISBN (Print) | 0769507980 |
DOIs | |
Publication status | Published - 2000 |
Externally published | Yes |
Event | IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2000 - Gaithersburg, United States Duration: 2000 Jun 14 → 2000 Jun 16 |
Other
Other | IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2000 |
---|---|
Country/Territory | United States |
City | Gaithersburg |
Period | 00/6/14 → 00/6/16 |
Keywords
- Access control
- Access protocols
- Authorization
- Blood
- Internet
- Java
- Network servers
- Privacy
- Public key
- Web server
ASJC Scopus subject areas
- Hardware and Architecture
- Software