Kentaro Umesawa

Privacy enhanced access control by SPKI

In Internet and electronic commerce applications, a user may want to access servers as anonymous with an authorized certificate. In this paper, such privacy-enhanced service scheme is presented by using Simple Public Key Infrastructure (SPKI). A certificate of SPKI carries as few information on clients as possible compared to a certificate of PKIX (Public Key Infrastructure with X.509). After obtaining a certificate issued by an authorized server, a client submits the certificate to the service provider (server) in order to take services associated with the certificate. Then, the provider verifies the submitted certificate and gives permission to the client if verified. A client can delegate a certificate to a third party, so that he/she can access the server instead of the original certificate recipient. The implementation of the proposed certificate-based access control consists of authorized server, issuing agent, client. These are based on SPKI certificate issuer, certificate verifier, access control list management, and delegate mechanism. These subsystems are coded on the basis of SPKI library written in Java.

Privacy-enhanced access control by SPKI and its application to Web server

For providing a privacy-enhanced access only for an appropriate user, anonymous access such as anonymous FTP is too weak because a service provider cannot know about a client, while authentication-based access control such as PKIX (Public Key Infrastructure with X.509) is too strong because ID information on a client is exposed to a service-provider. Instead, we present a new access control scheme by using SPKI (Simple Public Key Infrastructure), since an authorization certificate based on SPKI does not carry any ID information. This scheme needs additional mechanism for the server and clients such as issuing, delegating, validating, and revoking certificates. A web-based privacy-enhanced access control is designed on the basis of the proposed scheme and implemented by Java. The resulting system shows that the proposed scheme works well with a small amount of overheads being introduced into a normal web server.

Architectural defects of the secure shell

Although flaws have been found out in SSH, the Secure Shell, there has been little discussion about its architecture or design safety. Therefore, considering SSH architecture, e.g. the key exchange protocol, user authentication protocols and total design of the SSH, we not only discuss SSH architectural safety but show critical flaws for SSH users. For establishing the SSH connection, before user authentication, the SSH server and client exchange a session key, which can communicate securely. Then, over the secret channel encrypted by the session key, the SSH server authenticates a user in the SSH client using a users password or public key. However, owing to defects in the SSH protocols and its design, a user can be deprived of their password in the authentication protocol. Moreover, we show that those who use its public key for authentication are exposed to the same risks as password-oriented users.

An access control with handling private information

An Internet user may want to provide only necessary information in order to access servers without disclosing his/her personal information, or with disclosing minimal personal information to the server. This requirement on privacy is neither realized by PKIX (Public Key Infrastructure with X.509 certificates) based access control nor by anonymous access. In this paper, we define a privacy-enhanc ed access control as the right of controlling the exposure of personal information and propose a privacy-enhanc ed access control mechanism by using Authorization Certificate of SPKI (Simple Public Key Infrastructure). This implementation shows that the SPKI-based WWW (World Wide Web) access control can easily replace the conventional one and that it also introduces a new service with some regulations such as ages, sex, or other features. We also discuss about the security issues of the proposed access control system.