Re: Multi-layered PKI implementation

To: debian-user@lists.debian.org
Subject: Re: Multi-layered PKI implementation
From: James Westby <jw+debian@jameswestby.net>
Date: Thu, 4 May 2006 05:28:18 +0100
Message-id: <[🔎] 20060504042814.GA7656@jameswestby.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] c413b2a20605031829k25977be4p3ea55d51542561fd@mail.gmail.com>
References: <[🔎] c413b2a20605031829k25977be4p3ea55d51542561fd@mail.gmail.com>

On (03/05/06 20:29), Grant Thomas wrote:
> When large buildings are keyed for locks, locks can be keyed for
> different layers of security.
> 
> So, there might be the highest key, or skeleton key's used in old
> houses that opened all the doors, and multiple levels of sub keys,
> down to a key that opens only one lock.
> 
> I think I have a grasp on the basics of PKI as it relates to X.509
> certificates, but I'm wondering if there is a PKI implementation that
> allows for multiple layers of access built into the keys themselves.

PKI is for authentication, not for access control.

The certificates (the key being the secret that ties a certificate to
an individual) merely provide a method by which one party can be
confident about the identity of another party, usually by relying on a
third party (or fourth, fifth...).

In a slighty simplified view of X.509 each party has a certificate
stating who they are, and they have a key that ties them to it. They
then have a Certificate Authority sign this certificate after a
process of verifying the information. They can then present this
certificate to anybody, no matter whether they have ever had any
contact with them before, and that person can verify the identity of
the first person by checking the signature of the CA on the
certificate. This then moves the trust from the person presenting the
certificate to the CA. 

So within an organisation there may be a CA set up for internal use.
This CA issues certificates for each member of staff, tying their
identity to the certificate. When it becomes time for them to
authenticate themselves to something, (e.g. the central database) they
can present their certificate as authentication.

The access control would come from the linkage between individuals and
the things that they are allowed to do. So the access control on the
database would first authenticate the user, and then allow them access
depending on whether or not there as an entry in their access control
database allowing them to.

For a slightly different way of approaching this you may want to look
at SPKI which ties the certificates to roles, meaning that merely
possessing the certificate allows you to do something.
http://world.std.com/~cme/html/spki.html

The point I hope I have got across is that certificates are for
authentication, it is what you choose to do with them that will give
you the hierarchy.

I hope I have been helpful,

James

-- 
  James Westby
  jw+debian@jameswestby.net
  http://jameswestby.net/

Reply to:

Follow-Ups:
- Re: Multi-layered PKI implementation
  - From: Paul E Condon <pecondon@mesanetworks.net>

References:
- Multi-layered PKI implementation
  - From: "Grant Thomas" <eldowan.debian@gmail.com>

Prev by Date: Re: sensors, alarms, crashes!
Next by Date: ALERT! /dev/sda1 does not exist. Dropping to a shell...
Previous by thread: Multi-layered PKI implementation
Next by thread: Re: Multi-layered PKI implementation
Index(es):
- Date
- Thread