
Report on Attribute Certificates

This report explores the issuance and control of attribute certificates, including central and local issuance advantages, simplified authentication procedures, reduced administration overhead, and greater control. It also discusses the use of attribute certificates for authentication and access control.



Presentation Transcript


  1. Report on Attribute Certificates By Ganesh Godavari

  2. Issuance of Attribute Certificates
     [Diagram: three issuance models. Central: one ACA serves the central applications. Devolved: a central ACA serves the central applications, the department applications and an external company's users. Local: Dept A, Dept B and Dept C each run a local ACA for their own users and department applications.]

  3. Issuance
     • Central issuance - advantages
       • Suitable for small organizations
     • Local issuance - advantages
       • Simplified user authentication
       • Simplified issuance procedures
       • Reduced administration overhead
       • Greater control
       • Simpler distribution

  4. Distributing Attribute Certificates
     • Pull: mirrors the X.509 identity cert model -- certificates are written to a directory (e.g. X.500); applications requiring attribute certificates may “pull” them as required
     • Push: users supply the attribute certificate directly to the application (similar to the password model); no directory
     [Diagram: in the pull model the AttributeCertificate Server publishes to a Directory and the AttributeCertificate-enabled Application looks the certificate up; in the push model the certificate is given to the user and submitted by the user to the application.]

  5. Using Attribute Certificates
     [Diagram: User, Registration Authority (RA) with RA Operator, CA with CA Operator and CA Config Manager, AttributeCertificate Server with User Manager, and a Web Server application fronted by a Proxy that verifies the AC and grants access.]
     1. Get X.509v3 Identity Certificate
     2. Get Attribute Certificate
     3. Use Identity cert for Authentication
     4. Use Attribute Cert for access control
     Registration Authority (RA) is a person to whom the CA delegates the responsibility for the verification of identity of a person requesting a certificate.

  6. Using Attribute Certificates
     • Certificate (PKI) based authentication of user
       • SSL with client authentication
       • S/MIME with signature
       • Challenge response
       • Signed objects
     • Check attribute certificate is linked to identity
     • Check ACA is allowed
     • Check ACA signature
     • Extract attributes and use

  7. Verifying Claimed Privilege
     [Diagram: Root CA; Bill (SOA), with Bill's public key, issues an AC to Alice's public key; Alice (AA) signs and issues an AC to Bob's public key; Bob (Holder) issues a command to the Privilege Verifier, which checks the delegation of privileges, checks all signatures and checks that the privilege is sufficient.]

  8. Privilege Management Infrastructure
     • The resource must have available for the PMI:
       • the root of trust of the PKI (public key of root CA)
       • the root of trust of the PMI (public key of Source of Authority or a valid PK certificate)
       • privilege policy (rules specifying privileges)
       • local variables, e.g. time of day
       • access to revocation information and certificate chains

  9. Certificate Management Authority
     [Diagram: certificate lifecycle with Request, Issue, Expire, Revoke and Publish CRL steps, backed by stores for Cert Requests, Certificates, Expired certificates, Revocation Information and an Audit Log.]
     • Components of Certificate Management Authority System
       • Enrollment. You can apply for and obtain a certificate for yourself or for a server that you administer.
       • Renewal. You can renew a certificate that is about to expire or has already expired.
       • Revocation. If you are a system administrator, you can revoke a certificate so that it is no longer valid.
       • Retrieval. You can list all certificates that are available to you or to your server.

  10. Conclusion on certificate management
     • Cumbersome
     • Tedious
     • Who is root CA?
     • What level of certificate chain validation must I go through?

  11. Research areas
     • How to define AC for a group?
     • Certificate Management System simplification?

  12. Questions ?

  13. References
     • Privilege Management in X.509 (2000), presentation by David W Chadwick BSc PhD
     • Attribute Certificates, presentation by Spiro Alifrangis, Baltimore Technologies
