
Editorial
Select search scope: search across all journals or within the current journal

A framework for secure WWW client/server communication is proposed. Strong end-to-end encryption and authentication is achieved by means of public key techniques. A particular certification infrastructure is developed that helps assign responsibilities in case of disputes. Such issues are increasingly important in WWW applications and are not dealt with in a satisfactory way by current certification schemes. Actual communication is done with the HTTP protocol unchanged and by using standard commercial browsers, because widespread usability is a goal. Encryption and authentication is done separately based on the execution of applets running on the client machine.
This paper presents an interesting application of the Tillich–Zémor function
This short paper introduces the CWASAR project. The goal of CWASAR is to design implement a low cost European infrastructure for a secure electronic market place. The project was preceded by a market analysis in Germany, Spain and France, of the basic user requirements for a European-oriented system. From the results of this analysis, we have defined the main functional and architectural components of CWASAR. The description of these components is the subject of this paper. In particular, we focus on the features specifically designed to cater for the varying security requirements of end users, as well as the problems posed by the differing legal positions held by individual EU states on the use of security techniques. The CWASAR project is sponsored by the European Union.
This paper describes a communications primitive, anonymous connections, that supports bidirectional and near real-time channels that are resistant to both eavesdropping and traffic analysis. The connections are made anonymous, although communication need not be. These anonymous connections are versatile and support private use of many different Internet services. For our purposes, privacy means maintaining the confidentiality of both the data stream and the identity of communicating parties. These are both kept confidential from network elements as well as external observers. Private Web browsing is achieved by unmodified Web browsers using anonymous connections by means of HTTP proxies. Private Web browsing may be made anonymous too by a specialized proxy that removes identifying information from the HTTP data stream. This article specifies anonymous connections, describes our implementation, and discusses its application to Web browsing via HTTP proxies.
As part of the Stanford Digital Libraries Project, we have prototyped a novel architecture for security and access control in heterogeneous, networked environments. Conceptually, this architecture recasts security issues from an “information access” metaphor into a “relationship management” framework and uniformly applies a contracting model. Architecturally, it introduces a “network-centric” design that generalizes previous models of client- or server-centered control into a third, relationship-based form.
Often an information source on the Web would like to provide different classes of service to different clients. In the autonomous, highly distributed world of the Web, the traditional approach of using authentication to differentiate between classes of clients is no longer sufficient, as knowledge of a client's identity will often not suffice to determine whether a client is authorized to use a service. Our goal in this research project is to explore the use of digital credentials, digital analogues of the paper credentials we carry in our wallets today, to help solve this problem. In this paper we describe the major features required of a Web environment deploying digital credentials, including the introduction of security assistants for both clients and servers, and report on the status of our investigation into a credential-based environment.