Authors : S. Radhakrishnan , A.Chandrasekar and N.V Ballaji
Abstract: A Public Key Infrastructure (PKI) integrates software, hardware, encryption technologies- and services for managing the cryptographic infrastructure and users` public keys. It uses digital certificates as an authentication mechanism and is built to better manage certificates and their associated keys. The mechanism of certifying and revoking of public keys, private key escrow has been explored. But others have given less attention to regulating access to stored keys. In this study, we are proposing extensions to PKI such as key escrow, a protected use of keys and recovery. We discuss an exclusive protocol known to be Authorization certificate protocol, which allows owners to authorize others to perform various actions, based on their keys (say decryption) perhaps preventing them from knowing the private key. Also this protocol provides more security by canceling out the authorization once the allotted period is over. ACP defines a set of rules for owner to authorize others security and describes how a registration authority and issuance process should get changed in order to enable time bound authorization in PKI.
S. Radhakrishnan , A.Chandrasekar and N.V Ballaji , 2006. Time Bound Authorization in PKI. Asian Journal of Information Technology, 5: 1323-1327.