SECURING WEB SERVICES USING IDENTITY-BASED ENCRYPTION (IBE)

摘要

There is obvious need in cooperation between organizations. A recent trend is cooperation online, which result in the need of facilitating and managing cross-domain access to information and applications. It is important to utilize open standards that leverage existing technologies instead of replacing them. WS-Security, emitted by OASIS, defines standards on how to encode security tokens. In this paper we look at the use of Identity-based Encryption to leverage the exchange of security tokens, and how it can be implemented with WS-Security. Identity-based encryption offers, compared to the more conventional PKI, some additional advantages. For instance: databases maintaining public-key certificates are now longer necessary, this simplify key management, saves space, and eliminate the threat of attacks on these databases. It is also more suitable to grant collective access to groups, and is therefore suited for role based access control. We do not suggest Identity-based encryption as a replacement, but rather a complementary.