An integral component of almost any security and trust system is endpoint identity verification. The predominant identification primitive, used in most contemporary systems, is the digital certificate. A digital certificate binds a NAME (i.e., an “official way to refer to an entity”) to a cryptographic public key, which is then used for the NAME verification. In this paper, we propose a NAME verification system that does not rely on digital certificates. Our solution uses Hierarchical Identity Based Encryption (HIBE) to allow fine-grained NAME verification, trust delegation and attribute-based access control. For the delivery of the necessary system parameters we propose an approach that leverages the NAME registration and resolution systems, eliminating the need for a Public-Key Infrastructure. As proof of concept, we implement and evaluate our system using the Lewko-Waters HIBE scheme and DANE/DNSSEC.
Fotiou, N., & Polyzos, G. C. (2015). Enabling NAME-Based Security and Trust. In IFIP Advances in Information and Communication Technology (Vol. 454, pp. 47–59). Springer New York LLC. https://doi.org/10.1007/978-3-319-18491-3_4