Certificate distribution with local autonomy

Pankaj Kakkar, Michael McDougall, Carl A. Gunter, Trevor Jim

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Any security architecture for a wide area network system spanning multiple administrative domains will require support for policy delegation and certificate distribution across the network. Practical solutions will support local autonomy requirements of participating domains by allowing local policies to vary but imposing restrictions to ensure overall coherence of the system. This paper describes the design of a such a system to control access to experiments on the ABone active network testbed. This is done through a special-purpose language extending the Query Certificate Manager (QCM) system to include protocols for secure mirroring. Our approach allows significant local autonomy while ensuring global security of the system by integrating verification with retrieval. This enables transparent support for a variety of certificate distribution protocols. We analyze requirements of the ABONE application, describe the design of a security infrastructure for it, and discuss steps toward implementation, testing and deployment of the system.

Original languageEnglish (US)
Title of host publicationActive Networks - 2nd International Working Conference, IWAN 2000, Proceedings
EditorsHiroshi Yasuda
Number of pages19
ISBN (Electronic)3540411798, 9783540411796
StatePublished - 2000
Externally publishedYes
Event2nd International Working Conference on Active Networks, IWAN 2000 - Tokyo, Japan
Duration: Oct 16 2000Oct 18 2000

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other2nd International Working Conference on Active Networks, IWAN 2000


  • ABone
  • Access control
  • Active networks
  • Certificate distribution
  • Local autonomy
  • QCM
  • Query certificate manager
  • Security policy

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Certificate distribution with local autonomy'. Together they form a unique fingerprint.

Cite this