PKI-based AAIs 2/5

• E-commerce and e-business applications generally need a possibility to authorize entities (in addition to authentication)

• Consequently, some type of Privilege Management Infra-structure (PMI) must be put in place

• PMI is the next-generation buzzword in the PKI industry

• A PMI is conceptually similar to a PKI-based AAI

• There are several possibilities to implement PMIs and PKI-based AAIs:

  • Encode authorization information in public key certificates (e.g., using ITU-T X.509 v3 extension fields)
  • Use of attribute certificates
  • Manage authorization information in a database management system (DBMS)

Previous slide

Next slide

Back to first slide

View graphic version