16th Annual Computer Security Applications Conference
December 11-15, 2000
New Orleans, Louisiana
Binding Identities and Attributes Using Digitally Signed Certificates
Joon S. Park
Naval Research Lab
George Mason Univ.
A certificate is digitally signed by a certificate authority (CA) to confirm
that the information in the certificate is valid and belongs to the subject.
Certificate users can verify the integrity and validity of a certificate by
checking the issuing CA's digital signature in the certificate and, if
necessary, chasing certificate chain and revocation lists. Usually, we use
certificates to provide the integrity of identity or attribute information
of the subject. Attributes must be coupled with the corresponding
identities. In this paper, we introduce comprehensive approaches to bind
identity and attribute certificates, identifying three different techniques:
monolithic, autonomic, and chained signatures. We describe each technique
and analyze the relative advantages and disadvantages of each.
Read Paper (in PDF)