Smart Certi cates : Extending X . 509 for Secure Attribute Services on the WebJoon

An attribute is a particular property of an entity, such as a role, access identity, group, or clearance. If attributes are provided integrity, authentication, and conndentiality, Web servers can then trust these secure attributes and use them for many purposes, such as access control, authorization, authentication, and electronic transactions. In this paper, we present a comprehensive approach to secure attribute services on the Web. We identify the user-pull and server-pull models and analyze their advantages and disadvantages. To support these models on the Web, we extend X.509 certiicates, which are already in widespread current use. We name these extended X.509 certii-cates smart certiicates. Smart certiicates have several sophisticated features: they support short-lived lifetime and multiple CAs, contain attributes, provide postdated and renewable certiicates, and provide conndentiality. This paper also discusses possible applications of smart certiicates on the Web.