Query Certificate Managers

A Query Certificate Manager (QCM) is a server used for the authenticated distribution of sensitive information over an insecure network. A QCM server acts like a secure, distributed database: it queries remote QCM servers to answer local queries about distributed data, and ensures the authenticity of the data by cryptographic means. Moreover, QCM can accept digitally-signed certificates issued by remote servers. When such certificates are submitted along with the local query, queries to the remote servers are short-circuited. The management of queries and certificates is completely automatic and transparent to the user. Applications such as directory services, public key distribution, and distributed access control lists are directly programmable in QCM, and QCM has a formal semantics and correctness guarantees.

People

• Carl A. Gunter
• Trevor Jim
• Pankaj Kakkar
• Michael McDougall

Papers

• What is QCM?  (pdf)
• Certificate Distribution with Local Autonomy (pdf)
• Policy-Directed Certificate Retrieval  (pdf) - Software Practice and Experience SPE 00
• Generalized Certificate Revocation (pdf) - Principles of Programming Languages POPL 00
• A Secure PLAN  (pdf) - International Workshop on Active Networks IWAN 99
• PLAN System Security  (pdf) - Technical Report MS-CIS-98-25 Penn 98
• Design of an Application-Level Security Infrastructure - DIMACS Workshop on Design and Formal Verification of Security Protocols 97

Related Sites

• The Switchware Project
• QCMD Distribution
• The COASTarchive and security hotlist
• ASID: Access, Searching and Indexing of Directories, including LDAP
• DNS and DNSSEC: The Domain Name System and security extensions
• IDS: Integrated Directory Services
• IPSEC: IP Security Protocol
• JMAPI: Java Management API
• JNDI: Java Naming & Directory Interface
• PICS: Platform for Internet Content Selection
• A paper on PolicyMaker
• SDSI: Simple Distributed Security Infrastructure
• SPKI: Simple Public Key Infrastructure
• SRVLOC: Service Location Protocol