Generic Support for PKIX Certificate Management in CDSA

A
ACSAC
1999
15th Annual Computer Security Applications Conference (ACSAC '99)
Abstract - Generic Support for PKIX Certificate Management in CDSA

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Shabnam Erfani Articles by Sekar Chandersekaran

15th Annual Computer Security Applications Conference (ACSAC '99)

Phoenix, Arizona

December 06-December 10

ISBN: 0-7695-0346-2

	ASCII Text	x
	Shabnam Erfani, Sekar Chandersekaran, "Generic Support for PKIX Certificate Management in CDSA," Computer Security Applications Conference, Annual, pp. 269, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999.

	BibTex	x
	@article{ 10.1109/CSAC.1999.816036, author = {Shabnam Erfani and Sekar Chandersekaran}, title = {Generic Support for PKIX Certificate Management in CDSA}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {1999}, issn = {1063-9527}, pages = {269}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.1999.816036}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Generic Support for PKIX Certificate Management in CDSA SN - 1063-9527 SP EP A1 - Shabnam Erfani, A1 - Sekar Chandersekaran, PY - 1999 KW - CDSA KW - PKIX KW - Certificate management KW - architecture VL - 0 JA - Computer Security Applications Conference, Annual ER -

Shabnam Erfani, WatchGuard Technologies

Sekar Chandersekaran, Microsoft Corporation

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.1999.816036

The Common Data Security Architecture (CDSA) from the Open Group is a flexible standard that defines APIs for security services needed for implementing Public Key Infrastructure (PKI). The emerging IETF Public Key Infrastructure (PKIX) standards provide certificate management protocols geared toward the Internet. The PKIX specifications define the expected behavior of the PKI, but do not provide abstractions that can be used by exploiting applications. In this paper we show the feasibility and design methodology of extending CDSA abstractions to support PKIX certificate management. To achieve this, we model a general, end-to-end system architecture based on CDSA that exploits PKIX certificate management model, and discuss the merits of this system from the application and system architecture perspectives. We conclude the paper with a discussion of the resulted generic CDSA version 2.0 API that support PKIX certificate management model.

Index Terms:

CDSA, PKIX, Certificate management, architecture

Citation:

Shabnam Erfani, Sekar Chandersekaran, "Generic Support for PKIX Certificate Management in CDSA," acsac, pp.269, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.