Click here for full text:
A Java API for X.509 Proxy Certificates
Gilbert, John; Perry, Russell
HP Laboratories
HPL-2008-77
Keyword(s): X.509 Proxy Certificate, Delegation, Public Key Infrastructure, Grid Security Infrastructure, SSL, HTTPS, Java Cryptography Architecture, Java Secure Sockets Extension.
Abstract: X.509 Proxy Certificates have been proposed for use in the Grid Security Infrastructure to allow dynamic delegation of rights and single sign-on for end users. We have evaluated proxy certificates to secure a service-oriented architecture for digital content based on Web Services. We describe how support for proxy certificates was implemented in Java through extensions to the Java Cryptography API and related security APIs. The principal challenges involved providing control over which proxy certificate to use per SSL connection, validating proxy certificate chains and supporting runtime generation of proxy certificates.
25 Pages
External Posting Date: July 6, 2008 [Fulltext]. Approved for External Publication
Internal Posting Date: July 6, 2008 [Fulltext]
Back to Index
| 
Printable version
