Reducing the Dependence of Trust-Management Systems on PKI
Authors
Wang, Hao
Jha, Somesh
Reps, Thomas
Schwoon, Stefan
Stubblebine, Stuart
Type
Technical Report
Publisher
University of Wisconsin-Madison Department of Computer Sciences
Abstract
Trust-management systems address the authorization problem in distributed systems by defining a formal language for expressing authorization and access-control policies, and relying on an algorithm to determine when a specific request can be granted. For authorization in distributed systems, trust-management systems offer several advantages over other approaches, such as support for delegation and making authorization decisions in a decentralized manner. This paper focuses on a popular trust-management system, SPKI/SDSI. Although SPKI/SDSI is an attractive system for authorization in distributed systems, it has seen limited deployment. One of the major hurdles in deploying SPKI/SDSI is that it is PKI-based, i.e., every principal is required to have a public-private key pair. We present an approach that combines SPKI/SDSI with a widely deployed authentication system, Kerberos, to reduce the reliance of SPKI/SDSI on PKI. In our approach, only sites need public-private key pairs. We believe that reducing the reliance of SPKI/SDSI on PKI will facilitate its wider deployment. We have also implemented a prototype of our technique.
Citation
TR1527