Enabling NAME-Based Security and Trust - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2015

Enabling NAME-Based Security and Trust

Nikos Fotiou
  • Fonction : Auteur
  • PersonId : 996029

Résumé

An integral component of almost any security and trust system is endpoint identity verification. The predominant identification primitive, used in most contemporary systems, is the digital certificate. A digital certificate binds a NAME (i.e., an “official way to refer to an entity”) to a cryptographic public key, which is then used for the NAME verification. In this paper, we propose a NAME verification system that does not rely on digital certificates. Our solution uses Hierarchical Identity Based Encryption (HIBE) to allow fine-grained NAME verification, trust delegation and attribute-based access control. For the delivery of the necessary system parameters we propose an approach that leverages the NAME registration and resolution systems, eliminating the need for a Public-Key Infrastructure. As proof of concept, we implement and evaluate our system using the Lewko-Waters HIBE scheme and DANE-DNSSEC.
Fichier principal
Vignette du fichier
337890_1_En_4_Chapter.pdf (1.25 Mo) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01416207 , version 1 (14-12-2016)

Licence

Paternité

Identifiants

Citer

Nikos Fotiou, George C. Polyzos. Enabling NAME-Based Security and Trust. 9th IFIP International Conference on Trust Management (TM), May 2015, Hamburg, Germany. pp.47-59, ⟨10.1007/978-3-319-18491-3_4⟩. ⟨hal-01416207⟩
88 Consultations
82 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More