
The KeyNote Trust-Management System Version 2 (RFC2704)

IP.com Disclosure Number: IPCOM000003298D
Original Publication Date: 1999-Sep-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 30 page(s) / 74K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Blaze: AUTHOR [+4]

Abstract

This memo describes version 2 of the KeyNote trust-management system. It specifies the syntax and semantics of KeyNote `assertions', describes `action attribute' processing, and outlines the application architecture into which a KeyNote implementation can be fit. The KeyNote architecture and language are useful as building blocks for the trust management aspects of a variety of Internet protocols and services.

This text was extracted from an ASCII document.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group                                          M. Blaze
Request for Comments: 2704                                J. Feigenbaum
Category: Informational                                    J. Ioannidis
                                                   AT&T Labs - Research
                                                           A. Keromytis
                                                     U. of Pennsylvania
                                                         September 1999

The KeyNote Trust-Management System Version 2

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.


1. Introduction

Trust management, introduced in the PolicyMaker system [BFL96], is a unified approach to specifying and interpreting security policies, credentials, and relationships; it allows direct authorization of security-critical actions. A trust-management system provides standard, general-purpose mechanisms for specifying application security policies and credentials. Trust-management credentials describe a specific delegation of trust and subsume the role of public key certificates; unlike traditional certificates, which bind keys to names, credentials can bind keys directly to the authorization to perform specific tasks.
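The paragraph above describes the core idea in the abstract: a local policy names the keys it trusts directly, credentials delegate authority from one key to another, and a request is authorized only if a chain of such delegations leads back to the policy. The following is an added illustration of that model, not code from the RFC and not KeyNote assertion syntax. Principal names and action names are constructed for the example, credentials are plain records (in a real deployment each credential would carry the issuer's signature, which is assumed to have been verified before the check runs), and the only rule enforced is that delegation can narrow but never widen the issuer's own authority.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable

# A principal is identified by its public key; here the key is stood in
# for by a constructed key identifier string.
KeyId = str


@dataclass(frozen=True)
class Credential:
    """Delegation of authority from `issuer` to `subject` for `actions`.
    Signature verification is assumed to have happened before this record
    is trusted (an assumption of this example, not a KeyNote detail)."""
    issuer: KeyId
    subject: KeyId
    actions: FrozenSet[str]


# The local policy: which keys are authorized directly, and for what.
Policy = Dict[KeyId, FrozenSet[str]]


def authority(principal: KeyId, policy: Policy,
              credentials: Iterable[Credential],
              _visiting: FrozenSet[KeyId] = frozenset()) -> FrozenSet[str]:
    """Return the set of actions `principal` may perform.

    Authority starts at the policy and flows along credentials whose
    subject is `principal`; each hop is intersected with what the issuer
    itself holds, so a credential can only attenuate, never amplify.
    `_visiting` guards against delegation cycles (A -> B -> A)."""
    granted = set(policy.get(principal, frozenset()))
    if principal in _visiting:
        # Already on the current chain: contribute only direct policy grants.
        return frozenset(granted)
    visiting = _visiting | {principal}
    for cred in credentials:
        if cred.subject == principal:
            issuer_has = authority(cred.issuer, policy, credentials, visiting)
            granted |= issuer_has & cred.actions
    return frozenset(granted)


def complies(principal: KeyId, action: str, policy: Policy,
             credentials: Iterable[Credential]) -> bool:
    """Answer the question a compliance check asks: given the policy and
    the presented credentials, may `principal` perform `action`?"""
    return action in authority(principal, policy, credentials)


# --- constructed sample data -------------------------------------------
POLICY: Policy = {
    "key-alice": frozenset({"read", "write", "admin"}),
}

CREDENTIALS = [
    # Alice delegates read/write (but not admin) to Bob.
    Credential("key-alice", "key-bob", frozenset({"read", "write"})),
    # Bob tries to delegate more than he holds; Carol only inherits read/write.
    Credential("key-bob", "key-carol", frozenset({"read", "write", "admin"})),
    # A delegation cycle back to Bob; must not loop or grant anything new.
    Credential("key-carol", "key-bob", frozenset({"read"})),
    # Dave is not trusted by the policy, so his delegation to Eve is inert.
    Credential("key-dave", "key-eve", frozenset({"read", "write", "admin"})),
]


if __name__ == "__main__":
    for who, act in [("key-bob", "write"), ("key-bob", "admin"),
                     ("key-carol", "read"), ("key-eve", "read")]:
        print(who, act, "->", complies(who, act, POLICY, CREDENTIALS))
```

The point of the intersection at each hop is the security-relevant one: a credential expresses what the issuer is willing to delegate, but the checker grants only what the issuer actually holds, so an over-broad or forged-looking delegation from an untrusted key never expands anyone's authority.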

A trust-management system has five basic components:

* A language for describing `actions', which are operations with security consequences that are to be controlled by the system.

* A mechanism for identifying `principals', which are entities that can be authorized to perform actions.

* A language for specifying application `policies', which govern the actions that principals are authorized to perform.

* A language for specifying `credentials', which allow principals to delegate authorization to other principals.

* A `compliance checker', which provides a service to applications for determining how an action requested by principals should be handled, given a policy and a ...