SPADE: SPKI/SDSI for Attribute Release Policies in a Distributed Environment 

Dartmouth Technical Report TR2003-453

	Sidharth P. Nazareth

Date: May 2003

URL (compressed postscript): <http://www.cs.dartmouth.edu/reports/TR2003-453.ps.Z> (776KB)

URL (PDF): <http://www.cs.dartmouth.edu/reports/TR2003-453.pdf> (676KB)

Abstract:
  Shibboleth is a federated administrated system that supports
 inter-institutional authentication and authorization for sharing of
 resources. SPKI/SDSI is a public key infrastructure whose creation
 was motivated by the perception that X.509 is too complex and
 flawed. This thesis addresses the problem of how users that are part
 of a Public Key Infrastructure in a distributed computing system can
 effectively specify, create, and disseminate their Attribute Release
 Policies for Shibboleth using SPKI/SDSI. This thesis explores
 existing privacy mechanims, as well as distributed trust management
 and policy based systems. My work describes the prototype for a Trust
 Management Framework called SPADE (SPKI/SDSI for Attribute Release
 Policies in a Distributed Environment) that I have designed,
 developed and implemented. The principal result of this research has
 been the demonstration that SPKI/SDSI is a viable approach for trust
 management and privacy policy specification, especially for
 minimalistic policies in a distributed environment.

Note:
  M.S Thesis.
  Advisor: Sean Smith