Public key cryptography is often used to verify the integrity of a piece of data, or more generally to ensure that operations which modify the data have been requested and carried out by principles who are authorized to do so. This requires keys to be bound to principles in an unforgeably verifiable manner. Cryptographic bit patterns such as electronic key certificates (EKCs) have a part to play in establishing such bindings, but the requirement ultimately to bind keys to real world entities imposes subtle constraints upon the structure and semantics of EKCs and related entities such as ACLs and capabilities, and upon the role which such entities may play in access control and integrity verification. These do not appear to be adequately realized at present.
|UH Computer Science technical Report
|University of Hertfordshire