
Introduction

We begin this paper with an example to illustrate the premise for this work. Consider an organization - industrial, government or military - where all employees (referred to as users) have certain authorities and authorizations. We assume that a modern Public Key Infrastructure (PKI) is available and all users have digital signature, as well as encryption, capabilities. In the course of performing routine everyday tasks users take advantage of secure applications such as email, file transfer, remote log-in and web browsing.

Now suppose that a trusted user (Alice) does something that warrants immediate revocation of her security privileges. For example, Alice might be fired, or she may suspect that her private key has been compromised. Ideally, immediately following revocation, Alice should be unable to perform any security operations or use any secure applications. Specifically, this means:

In Section 7, we discuss current revocation techniques and demonstrate that the above requirements are impossible to satisfy with these techniques. Most importantly, current techniques do not provide immediate revocation.

Gene Tsudik
2001-05-10