THE DELEGATION PROBLEM AND PRACTICAL PKI-BASED SOLUTIONS

Venus L. S. Cheung, Lucas C. K. Hui, S. M. Yiu

2004

Abstract

Delegation is a process where a delegator grants or authorizes all or some of his/her power to another a delegate to work on his/her behalf. In an office, it is common for officers to delegate their power to subordinates. In a digital environment (e.g. a secure enterprise information system with confidential electronic documents), how delegation can be handled properly is still an open question. In this paper, we address the delegation problem in the context of a secure information system, lay down a set of requirements from the users’ point of view and propose several practical PKI-based schemes to solve the problem. Analysis on the proposed schemes concludes that Proxy Memo can solve the problem quite efficiently while reducing the key management problem.

References

1. Cheung, V. L. S., Hui, L. C. K., Yiu, S. M., Chow, K. P., Pun, K. H., Tsang, W. W., Chan, H. W., and Chong, C. F. (2004). Delegation of Signing and Decryption Rights Using PKI Proxy Memo, to appear in Proceedings of the IASTED International Conference on Software Engineering (SE2004).
2. Ding, Y. and Petersen, H. (1995). A new approach for delegation using hierarchical delegation tokens. Technical report, University of Technology, Chemnitz-Zwickau.
3. Ford, W. and Baum, M. (1997). Secure Electronic Commerce: building the infrastructure for digital signatures and encryption, chapter 7, pages 263-308. Prentice Hall.
4. Gasser, M. and McDermott, E. (1990). An Architecture for Practical Delegation in a Distributed System. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 20-30.
5. Kim, S., Park, S., and Won, D. (1997). Proxy Signatures, Revisited. In Proceedings of ICICS'97, International Conference on Information and Communications Security, LNCS 1334, pages 223-232. Springer-Verlag.
6. Lee, B., Kim, H., and Kim, K. (2001). Strong Proxy Signature and its Applications. In The 2001 Symposium on Cryptography and Information Security, Oiso, Japan.
7. Mambo, M. and Okamoto, E. (1997). Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts. In IEICE Trans. Fundamentals, volume E80-A, No.1, pages 54-63.
8. Mambo, M., Usuda, K., and Okamoto, E. (1996a). Proxy Signatures: Delegation of the Power to Sign Messages. In IEICE Trans. Fundamentals, volume E79-A, No. 9, pages 1338-1354.
9. Mambo, M., Usuda, K., and Okamoto, E. (1996b). Proxy Signatures for Delegating Signing Operation. In Proceedings of Third ACM Conference on Computer and Communications Security, pages 48-57.
10. Neuman, B. C. (1993). Proxy-Based Authorization and Accounting for Distributed Systems. In Proceedings of the 13th International Conference on Distributed Computing Systems, pages 283-291, Pittsburgh.
11. Varadharajan, V., Allen, P., and Black, S. (1991). An Analysis of the Proxy Problem in Distributed Systems. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 255-275.

Paper Citation

in Harvard Style

L. S. Cheung V., C. K. Hui L. and M. Yiu S. (2004). THE DELEGATION PROBLEM AND PRACTICAL PKI-BASED SOLUTIONS . In Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 972-8865-00-7, pages 73-78. DOI: 10.5220/0002627100730078

in Bibtex Style

@conference{iceis04,
author={Venus L. S. Cheung and Lucas C. K. Hui and S. M. Yiu},
title={THE DELEGATION PROBLEM AND PRACTICAL PKI-BASED SOLUTIONS},
booktitle={Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2004},
pages={73-78},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002627100730078},
isbn={972-8865-00-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - THE DELEGATION PROBLEM AND PRACTICAL PKI-BASED SOLUTIONS
SN - 972-8865-00-7
AU - L. S. Cheung V.
AU - C. K. Hui L.
AU - M. Yiu S.
PY - 2004
SP - 73
EP - 78
DO - 10.5220/0002627100730078