Summary for “A Hybrid PKI Model with an Application for Secure 
Mediation”

Overview

Today’s distributed systems or ubiquitous computing environments may 
contain hundreds or thousands of autonomous entities that may need to 
communicate with one another and access services or resources. There is 
a need to identify the entities that try to access resources or 
services and determine their access rights. Traditional access lists 
are no longer practical, because they require all clients to be 
predetermined and permissions to be assigned beforehand. Public-key 
cryptography enables different entities to communicate securely. On one 
hand, trusted authorities are used to ascertain the ownership of a 
public key by issuing “free properties.” On the other hand, many access 
control mechanisms assign “bound properties” which use some form of 
delegation to establish some relation between a client entity and a 
server entity. Typically this relation represents permissions assigned 
to clients for particular tasks. This paper suggests a model to combine 
these two types of properties. The paper presents some applications for 
the model and talks about some design and implementation issues. 

Discussion Points
* The need for trust building and trust negotiation protocols.
* The relationship between this hybrid system and their proposed secure 
mediation protocol.
* Other scenarios where this hybrid approach can be useful. 
* Other applications that could benefit from such a model.
* Practicality and application of this approach in ubiquitous and 
pervasive computing environments. 
* How applicable this system to NCSA’s setting, where they have 
different systems; some using free properties e.g. their PKI, and 
others using bound properties e.g. Kerberos, MyProxy etc. 
* The possibility of using this model for interoperability between 
different types of systems.

Pros
* Addresses a real problem that exists in today’s networks and 
distributed systems.
* Proposes a way for enabling interoperability between different 
identification and access control mechanisms.
* Dividing the world into a hidden real world and a virtual visible 
world is a good idea. This model captures the fact that some entities 
can exist in the real world in a transparent manner without revealing 
information about themselves to other entities. On the other hand, the 
same entity in the real world can have multiple representations in the 
virtual world, i.e. by having different roles or certificates. 

Cons
* In general, the paper is poorly organized. For example, it seems like 
the motivation is mentioned near the end, where it ought to be in the 
beginning. 
* Many terms defined but not used later.
* The conversion of free properties into bound properties is vague. 
* More applications for the model should be cited.