Authorization policy in a PKI environment
Conference
·
OSTI ID:795352
- LBNL Library
The major emphasis of Public Key Infrastructure has been to provide a cryptographically secure means of authenticating identities. While there are a number of proposed standards for authorization structures and protocols based on X.509 or other key-based identities, none have been widely adopted. As part of an effort to use X.509 identities to provide authorization in highly distributed environments, we have developed and deployed an authorization service based on X.509 identified users and access policy contained in certificates signed by X.509 identified stakeholders. The major goal of this system, called Akenti, is to produce a usable authorization system for an environment consisting of distributed resources used by geographically and administratively distributed users.
- Research Organization:
- Ernest Orlando Lawrence Berkeley National Laboratory, Berkeley, CA (US)
- Sponsoring Organization:
- USDOE Director, Office of Science. Office of Advanced Scientific Computing Research. Mathematical, Information, and Computational Sciences Division (US)
- DOE Contract Number:
- AC03-76SF00098
- OSTI ID:
- 795352
- Report Number(s):
- LBNL--49512
- Country of Publication:
- United States
- Language:
- English
Similar Records
Certificate-based authorization policy in a PKI environment
Interoperable PKI Data Distribution in Computational Grids
CILogon: A federated X.509 certification authority for cyberinfrastructure logon
Journal Article
·
Fri Feb 14 23:00:00 EST 2003
· ACM Transactions on Information and System Security
·
OSTI ID:821027
Interoperable PKI Data Distribution in Computational Grids
Journal Article
·
Fri Jul 25 00:00:00 EDT 2008
· International Journal of Grid and High Performance Computing
·
OSTI ID:973564
CILogon: A federated X.509 certification authority for cyberinfrastructure logon
Journal Article
·
Thu Apr 03 20:00:00 EDT 2014
· Concurrency and Computation. Practice and Experience
·
OSTI ID:1618024