Results 1 - 10 of 99
R.: RFC-3281. An Internet Attribute Certificate Profile for Authorization. The Internet Society, 2002
Cited by 148 (3 self)
This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of [RFC2026]. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at
Cryptographic Message Syntax, 1999
Cited by 77 (2 self)
This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). This document describes the Cryptographic Message Syntax. This syntax is used to digitally sign or encrypt arbitrary messages. The Cryptographic Message Syntax is derived from PKCS #7 version 1.5. Wherever possible, backward compatibility is preserved; however, changes were necessary to accommodate attribute certificate transfer and key agreement techniques for key management. This draft obsoletes the previously released <draft-housley-smimecms-00.txt>. This draft is being discussed on the "ietf-smime" mailing list. To subscribe, send a message to:
Adding Security and Trust to Multi-Agent Systems
- In Proceedings of Autonomous Agents ’99 Workshop on Deception, Fraud, and Trust in Agent Societies, 1999
Cited by 42 (3 self)
Multi-agent systems (MASs) are societies whose individuals are software-delegatees (agents) acting on behalf of their owners or delegators (people or organizations). When deployed in an open network such as the Internet, MASs face some trust and security issues. Agents come and go, and interact with strangers. Assumptions about security and general trustworthiness of agents and their deployers are inadequate in this context. In this paper, we present the design of a security infrastructure applicable to MASs in general. Our design addresses both security threats and trust issues. In our design, we have mechanisms for ensuring secure communication among agents and secure naming and resource location services. And two types of trusts are addressed: trust that agents will not misbehave and trust that agents are really delegatees of whom they claim to be. To establish the first type of trust, we make deployers of agents liable for the actions of their agents; to establish the second type o...
Role-based access control on the web
- ACM Transactions on Information and System Security, 2001
Cited by 41 (2 self)
Current approaches to access control on Web servers do not scale to enterprise-wide systems because they are mostly based on individual user identities. Hence we were motivated by the need to manage and enforce the strong and efficient RBAC access control technology in large-scale Web environments. To satisfy this requirement, we identify two different architectures for RBAC on the Web, called user-pull and server-pull. To demonstrate feasibility, we implement each architecture by integrating and extending well-known technologies such as cookies, X.509, SSL, and LDAP, providing compatibility with current Web technologies. We describe the technologies we use to implement RBAC on the Web in different architectures. Based on our experience, we also compare the tradeoffs of the different approaches.
Smart Packets: Applying Active Networks to Network Management
- ACM TRANSACTIONS ON COMPUTER SYSTEMS, 2000
Cited by 40 (0 self)
... This paper introduces Smart Packets and describes the Smart Packets architecture, the packet formats, the language and its design goals, and security considerations.
Authenticating Query Results in Edge Computing
- In ICDE, 2004
Cited by 25 (2 self)
Edge computing pushes application logic and the underlying data to the edge of the network, with the aim of improving availability and scalability. As the edge servers are not necessarily secure, there must be provisions for validating their outputs. This paper proposes a mechanism that creates a verification object (VO) for checking the integrity of each query result produced by an edge server – that values in the result tuples are not tampered with, and that no spurious tuples are introduced. The primary advantages of our proposed mechanism are that the VO is independent of the database size, and that relational operations can still be fulfilled by the edge servers. These advantages reduce transmission load and processing at the clients. We also show how insert and delete transactions can be supported.
RBAC on the Web by Smart Certificates
- In Proceedings of 4th ACM Workshop on Role-Based Access Control. ACM, 1999
Cited by 22 (6 self)
We have described in another paper how to develop and use smart certificates by extending X.509 with several sophisticated features for secure attribute services on the Web. In this paper, we describe an implementation of RBAC (Role-Based Access Control) with role hierarchies on the Web as one possible application of smart certificates. To support RBAC, we issued smart certificates - which hold the subjects' role information - and configured a Web server to use the role information in the certificate instead of identities for its access control mechanism. Since the subjects' role information is provided integrity, the Web server can trust the role information after authentication and certificate verification by SSL, and uses it for role-based access control. To maintain compatibility with existing technologies, such as SSL, we used a bundled (containing the subject's identity and role information) smart certificate in the user-pull model.
Authorization Based on Evidence and Trust
- in Proc. of International Conference on Data Warehousing and Knowledge Discovery (DaWaK’02), Aix-en-Provence, 2002
Cited by 20 (5 self)
Developing authorization mechanisms for secure information access by a large community of users in an open environment is challenging. Current research efforts grant privilege to a user based on his/her properties that are demonstrated by digital credentials (evidences). Holding credentials does not necessarily certify that the user is trustworthy. We use trust to characterize the possibility that a user will not carry out harmful actions. Authorization based on trust as well as evidence makes access control adaptable to users' behaviors. The research requires: a suitable authorization mechanism that can incorporate the evidence and the trust, appropriate representations of evidence and trust so that their manipulation can be automated. In this paper, we present a trust-enhanced role-mapping server, which can cooperate with RBAC (Role-Based Access Control) mechanisms for authorization based on evidence and trust. The effort of formalizing trust and evidence is discussed.
Gothic: A Group Access Control Architecture for Secure Multicast and Anycast, 2002
Cited by 19 (1 self)
Multicast and anycast have received considerable attention due to their ability to support networked services. There are distinct and significant security vulnerabilities in both the multicast and anycast model including denial of service, theft of service, eavesdropping, and masquerading. The multicast problem requires a secure IGMP. The anycast problem requires secure anycast server advertisements. We generalize these two problems into a problem of group access control and propose Gothic, a complete architecture for providing group access control. Gothic centers around a novel authorization architecture. This is complemented by a proposal for a group policy management system that allows the group owner to be authenticated before being allowed to specify the group access rights. This system can be applied to other works that involve group policy. We show how Gothic operates in a number of environments including application-layer multicast, source-specific multicast, application-layer anycast and global IP-anycast. We evaluate the security and scalability of the architecture and show that it improves scalability over previous solutions while maintaining or increasing the level of security. We also propose methods of integrating Gothic with the group key management system and content distribution tree. We propose and evaluate a group access control aware group key management technique that leverages the existence of a group access control system to substantially reduce overhead.

