Security Aspects of the Handle System

1
Security Aspects of the Handle System
Sam X. SunCNRIssun_at_cnri.reston.va.us
2
Design Considerations

• Secured Resolution
• Authorized Administration
• Distributed Ownership
• Customizable and Extendable
• Support both Public Key and Secret Key

3
Security Considerations

• Service Integrity
• Confidentiality
• Authentication and Authorization
• Non-Repudiation

4
Security Features of the HS Protocol

• Server authentication via digital signature.
• Client authentication via challenge-response
  protocol.
• Data integrity via server signature.
• Content credential via data ltreferencegt.

5
Security Features of the HS Protocol(cont.)

• Ownership and access control defined via HS_ADMIN
  record.
• Data confidentiality via encryption upon request
  using a session key.

6
Handle System Protocol Specification

• Handle System Overviewhttp//www.ietf.org/interne
  t-drafts/draft-sun-handle-system-05.txt
• Handle System Namespace and Service Definition
  http//www.ietf.org/internet-drafts/draft-sun-han
  dle-system-def-03.txt
• Handle System Protocol Specificationavailable
  soon

7
Handle System Applications

• A secured name-value binding service.
• Ownership of the named object.
• Better sharing of network resources (data and its
  storage, processing power, etc.).
• Accessing remote system as part of the local
  system.

8
Handle System and PKI

• A secured name service that separates transport
  security from content credential.
• Allows direct authorization and verification from
  authorization agency.
• Bypass Certificate Agency (CA) or CRL.
• Persistent identity reference.

9
Next Step...
Applications, applications, applications...