The present invention relates generally to credential-based authorization in computer systems, and more particularly to authorization of user computers based on attribute credentials to gain access to resources controlled by verifier computers.
This section is intended to provide a background or context to the invention disclosed below. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived, implemented or described. Therefore, unless otherwise explicitly indicated herein, what is described in this section is not prior art to the description in this application and is not admitted to be prior art by inclusion in this section.
Cryptographic credentials are widely used in computer systems to prove that a user in possession of the credential is authorized to access some resource to which access is controlled by a verifier computer. A cryptographic credential is essentially a certificate generated via a cryptographic process by a credential issuing authority who has verified the information certified by the credential. This information is cryptographically encoded in the credential to certify correctness of the information. The items of information certified by a credential are commonly referred to as “attributes”. An attribute can represent any item of information, relating, for instance, to some property, characteristic, quality, role, qualification, or other feature describing or otherwise associated with a user or user computer. The user computer storing the attribute credential can then use the credential in communications with a verifier computer to demonstrate authorization to access a restricted resource, and in particular that one or more attributes in the credential satisfy the access condition for the resource. One common example is where a user computer connects to a remote server via the Internet and requests access to a restricted web site, with verification of an appropriate cryptographic credential being required before access is permitted.
Credential systems must allow for revocation of credentials so that a previously-issued credential cannot be used if the information certified is no longer correct. In standardized systems, a credential is either completely revoked or valid. Typically, a dedicated revocation authority manages revocation of credentials. The revocation authority publishes revocation information which allows revoked credentials to be identified. The revocation information may, for example, comprise a list of revoked credential IDs. Verifiers can then check the latest revocation information to make sure that a credential presented by a user in an access request is still valid.
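The verifier-side flow described above (check the issuer's certification, check the credential ID against the published revocation list, then evaluate the access condition on the attributes) can be sketched as follows. This is an added illustration, not part of the original description: the function names, credential IDs, attributes and key are constructed, and an HMAC with a key shared by issuer and verifier stands in for the issuer's signature scheme.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC stands in for the issuer's signature scheme,
# so issuer and verifier share this key here (an assumption of this sketch).
ISSUER_KEY = b"constructed-demo-issuer-key"


def _mac(cred_id, attributes):
    # Canonical encoding so issuer and verifier authenticate identical bytes.
    payload = json.dumps({"id": cred_id, "attrs": attributes},
                         sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, payload, hashlib.sha256).hexdigest()


def issue(cred_id, attributes):
    """Issuer: certify a set of attributes under a credential ID."""
    return {"id": cred_id, "attrs": dict(attributes), "tag": _mac(cred_id, attributes)}


def verify_access(cred, condition, revoked_ids):
    """Verifier: return (granted, reason) for one access request."""
    expected = _mac(cred["id"], cred["attrs"])
    if not hmac.compare_digest(expected, cred.get("tag", "")):
        return False, "bad-signature"
    # Revocation is all-or-nothing: a listed ID invalidates every attribute.
    if cred["id"] in revoked_ids:
        return False, "revoked"
    if not condition(cred["attrs"]):
        return False, "condition-not-met"
    return True, "ok"


def demo():
    # Constructed sample credentials and revocation list.
    alice = issue("cred-001", {"role": "staff", "age": 34})
    bob = issue("cred-002", {"role": "staff", "age": 17})
    carol = issue("cred-003", {"role": "staff", "age": 40})
    forged = dict(bob, attrs={"role": "staff", "age": 21})  # attributes altered after issuance
    revocation_list = {"cred-003"}  # latest list published by the revocation authority
    adult_staff = lambda a: a.get("role") == "staff" and a.get("age", 0) >= 18
    return [verify_access(c, adult_staff, revocation_list)[1]
            for c in (alice, bob, carol, forged)]


if __name__ == "__main__":
    print(demo())
```

The third credential is rejected even though its attributes satisfy the access condition, because its ID appears on the revocation list.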