Scaling for the Internet series, meeting 9
Trust, but Verify
9:00am-9:30am: Coffee/Network
9:30am-12:00pm: BART Meeting
Hyatt Rickeys Hotel - Palo Alto
4219 El Camino Real
Tel (650) 493-8000
Checks should be made payable to UC Regents.
No reservations required.
Weaving a Web of Trust
Rohit Khare, UC Irvine, rohit@uci.edu, www.ics.uci.edu/~rohit
As once-proprietary mission-specific information systems migrate onto the Web, traditional security analysis cannot sufficiently protect each subsystem atomically. The Web encourages open, decentralized systems that span multiple administrative domains. Trust Management is an emerging framework for decentralizing security decisions that helps developers and others in asking "why" trust is granted rather than immediately focusing on "how" cryptography can enforce it. This talk introduces the fundamental principles, principals, and policies of Trust Management, as well as Web- specific pragmatic issues. [This work was originally presented in the World Wide Web Journal, First Monday, and the National Research Council Computer Science and Telecommunication Board's Information Systems Trustworthiness committee. See http://www.cs.caltech.edu/~adam/papers/trust.html]
Biography: Rohit Khare joined the Ph.D. program in computer science at the University of California, Irvine in Fall 1997, after serving as a member of the MCI Internet Architecture staff. He was previously on the technical staff of the World Wide Web Consortium at MIT, where he focused on security and electronic commerce issues. He has been involved in the development of cryptographic software tools and Web-related standards development. Rohit received a B.S. in Engineering and Applied Science and in Economics from the California Institute of Technology in 1995.
Validating the Net: an Internet-scale Certificate Validation Service
Ambarish Malpani, Founder and Lead Architect, Valicert,
ambarish@valicert.com
ValiCert's universal approach addresses potentially debilitating performance and compatibility problems related to certificate validation. A key component of the ValiCert solution is its high performance Certificate Revocation Tree (CRT) technology, which allows validation of digital certificates without downloading the entire global revocation list. This approach scales easily to accommodate hundreds of billions of certificates without creating an undue burden on the client requesting validation information. The result: vastly improved performance compared to earlier mechanisms, such as Certificate Revocation Lists (CRLs).
Biography: Ambarish Malpani is ValiCert's first employee and joined the company with over ten years of industry experience as a systems designer and architect. Most recently, Ambarish was a consultant specializing in cryptography and Internet applications. Ambarish holds an M.S. degree from the University of California at Santa Barbara and a B.S. degree from the Indian Institute of Technology, Bombay.
Coordinator: Richard N. Taylor, Director, UC Irvine/IRUS, taylor@ics.uci.edu, www.ics.uci.edu/~taylor
Directions to the meeting are available.
Upcoming Meeting:
Friday, November 13, 1998
Topic: Scaling for the Internet Series, meeting 10: Search Engines/Databases/Data Mining
Speakers: TBA
Coordinator: Patricia Cornwell, Hewlett Packard, patricia_cornwell@hp.com
The Irvine Research Unit in Software wishes to thank its corporate sponsors:
Sustaining:
The Boeing Company * Boeing North American, Inc. * Microsoft Corporation
Northrop Grumman Corporation * Raytheon Company * Sun Microsystems Laboratories * TRW
Supporting:
Beckman Coulter * FileNet Corporation * Printronix, Inc.Continuus Software Corporation * Hewlett Packard
For further information on
BART or
IRUS, contact
Debra Brodbeck
at (949) 824-2260;
brodbeck@ics.uci.edu
Irvine Research Unit in Software