Brief Description of the Research:

With new trends in IT technologies, new applications, and environments, security is becoming

• more and more important due to increased risks, new user demands and unconventional requirements, and
• more and more difficult to design, implement, install, run, and control due to the increased number of participants, complexity of protocols, application models, and application environments.

In the new circumstances the promising approach could be modeling of security environments, transactions, protocols and rules as the multi–party, multi–application, and multi–protocol system. This system may comprise of different components, protocols, and processing phases, but all smoothly and transparently integrated together into a single and secure distributed processing environment. In order to design, analyze and eventually implement such a system, the following IT security aspects and areas must be addressed and solved:

1. Multi–application smart cards, based either on file cards or virtual machine (Java) cards, supporting multiple smart cards application. Flexible system must be created to initialize and personalize multi–application smart cards, to add applications, to use cross–pointers references for sharing internal card data, etc.
2. Multi–party encapsulation of objects (files, documents, messages, etc), with multiple asynchronous signers, multiple recipients and flexible intermediate verification and processing components.
3. Multi–party authorization schemes with multiple authorities and multiple verifiers, all performed in an open environments and with multiple target applications and resources.

The challenge is to create a comprehensive security system with complete and integrated security administration and management functions, with flexible and easy–to–use user interfaces and APIs, and with functional security protocols between different components of the overall security system.

At the end of this research, we would expect a new concept of a multi-party security system, which will provide:

• All necessary security extensions of a Web entities (Web servers, browsers, WAP clients etc.) covering user authentication, cryptography, certification, messages protection, multi-application smart cards, etc;
• Secure multi-party protocol, supporting remote strong authentication, single sign–on protocol, protection of messages and documents in transfer, delegation and authorization forwarding, etc.;
• Security infrastructure supporting secure WWW transactions in a global, open environment with certification, distributed remote authorization, trust and availability of all operations.

Created and Maintained by:Nandika Kasun
Last modified : March 13, 2001