Efficient and Scalable Infrastructure Support for Dynamic
The project is for certificate revocation schemes and public
key infrastructure components to enable secure collaboration within
established coalitions. Novel infrastructure security services are
the successful operation of a coalition across multiple domains.
management is especially challenging in a dynamic real-time
Also, scalability and integration across domains should be
Traditional certificate management schemes use certificate
lists maintained by certificate authorities. This approach requires
signed list to be transmitted to any user who requests certificate
While this approach is secure and is being deployed in practice, it
substantial (linear size) communication overhead and is not a
scalable solution for dynamic coalitions.
Extending preliminary work on the subject, this project developed a
novel certificate revocation scheme in Java that supports fast
language and platform independent certificate verification
and small communication overhead.
M. T. Goodrich, M. Shin, R. Tamassia, W. H. Winsborough, Authenticated dictionaries for fresh
credentials, Proc. Trust Management Conference,
pages 332--347, Springer, LNCS 2692, 2003.
M. T. Goodrich, R. Tamassia, N. Triandopoulos and R. Cohen,
Authenticated Data Structures for
and Geometric Searching, Proc. RSA Conference --
pages 295--313, Springer, LNCS 2612, 2003.
D. J. Polivy and R. Tamassia, Authenticating Distributed Data
Services and XML Signatures, Proc. ACM Workshop on XML
Security, ACM Press, 2002.
M. T. Goodrich, and R. Tamassia and J. Hasic, An Efficient Dynamic and Distributed
Cryptographic Accumulator, Proc. Information Security
Conference (ISC 2002) Lecture
Notes in Computer Science, vol. 2433, Springer-Verlag,
pp. 372-388, 2002.
R. Tamassia, Efficient
Authentication of Distributed Data and Transactions,
vol. 10, no. 2, Department of Computer Science, Brown
A. Anagnostopoulos, M. T. Goodrich, and R. Tamassia, Persistent Authenticated Dictionaries
Their Applications, Proc. Information Security
(ISC 2001), Lecture
in Computer Science, vol.
Springer-Verlag, pp. 379-393, 2001.
M. T. Goodrich, R. Tamassia, and A. Schwerin, Implementation of an Authenticated
Dictionary with Skip Lists and Commutative Hashing,
Information Survivability Conference and Exposition (DISCEX
Press, vol. 2, pp. 68-82, 2001.
This project was supported by DARPA under
Michael Goodrich, Project Leader.