SECURING WEB SERVICES USING IDENTITY-BASED ENCRYPTION (IBE)

Kari Anne Haaland, Chunming Rong

2006

Abstract

There is obvious need in cooperation between organizations. A recent trend is cooperation online, which result in the need of facilitating and managing cross-domain access to information and applications. It is important to utilize open standards that leverage existing technologies instead of replacing them. WS-Security, emitted by OASIS, defines standards on how to encode security tokens. In this paper we look at the use of Identity-based Encryption to leverage the exchange of security tokens, and how it can be implemented with WS-Security. Identity-based encryption offers, compared to the more conventional PKI, some additional advantages. For instance: databases maintaining public-key certificates are now longer necessary, this simplify key management, saves space, and eliminate the threat of attacks on these databases. It is also more suitable to grant collective access to groups, and is therefore suited for role based access control. We do not suggest Identity-based encryption as a replacement, but rather a complementary.

References

  1. Al-Riyami, S. & Paterson, K. (2003) Certificateless public key cryptography. Advances in Cryptology - Asiacrypt'03. Springer-Verlag.
  2. Anderson, S., Bohren, J., Boubez, T., Chanliau, M., DellaLibera, G. & et al. (2005) Web Service Trust Language (WS-Trust). IBM.
  3. Atkinson, B., Della-Libera, G., Hada, S., Hallam-Baker, P., Hondo, M. & et al. (2002a) Web Service Security Kerberos Token Profile OASIS.
  4. Atkinson, B., Della-Libera, G., Hada, S., Hondo, M., Hallam-Baker, P. & et al. (2002b) Spesification: Web Service Security (WS-Security). IN KALER, C. (Ed.), IMB
  5. Boneh, D. & Franklin, M. (2001) Identity-Based Encryption from the Weil Pairing. Lecture Notes in Computer Science, 2139, 213-240.
  6. Chadwick, D., Otenko, A. & Ball, E. (2003) Role-based access control with X.509 attribute certificates. Internet Computing, IEEE, 7, 62-69.
  7. Fabrice, K. A. H. (2003) Understanding Kerberos v5 authentication protocol. SANS institute.
  8. Hogg, J., Smith, D., Chong, F., Taylor, D., Wall, L. & SLATER, P. (2005) Web Service Security Microsoft.
  9. Knight, S. & Grandy, C. (2002) Scalability Issues in PMI Delegation. 1st Annual PKI Research Workshop.
  10. Liimatainen, S. (2005) Usability of Decentralized Authorization Systems - A Comperative Study. System Sciences, 2005, HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on.
  11. Menezes, A. J., Van Oorschot, P. C. & Vanstone, S. A. (1996) Trusted third parties and public-key certificates. Handbook of Applied Cryptography. CRC.
  12. Mont, M. C., Bramhall, P. & Harrison, K. (2003) A Flexible Role-based Secure Messaging Service: Exploiting IBE Technology for Privacy in Health Care. HP.
  13. Stallings, W. (2003) Cryptography and Network Security, Prentice Hall.
  14. Thompson, M. R., Essiari, A. & Mudumbai, S. (2003) Certificate-based authorization policy in a pki environment. ACM Transactions on Information and System Security, 6, 566-588.
  15. Thurston, G., Siebenlist, F., Hughes, M., Reid, I. & et al. (2004) Web Service Security X.509 Certificate Token Profile. OASIS.
  16. Zhang, Z. & Feng, D. (2005) On the Security of a Certificateless Public-Key Encryption. Cryptology ePrint Archive.
Download


Paper Citation


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - SECURING WEB SERVICES USING IDENTITY-BASED ENCRYPTION (IBE)
SN - 978-972-8865-63-4
AU - Anne Haaland K.
AU - Rong C.
PY - 2006
SP - 413
EP - 418
DO - 10.5220/0002103504130418


in Harvard Style

Anne Haaland K. and Rong C. (2006). SECURING WEB SERVICES USING IDENTITY-BASED ENCRYPTION (IBE) . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 413-418. DOI: 10.5220/0002103504130418


in Bibtex Style

@conference{secrypt06,
author={Kari Anne Haaland and Chunming Rong},
title={SECURING WEB SERVICES USING IDENTITY-BASED ENCRYPTION (IBE)},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={413-418},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002103504130418},
isbn={978-972-8865-63-4},
}