Digital credentials enable users to perform secure interactions by proving either their identity or that they posses certain attributes. Special care is taken to protect these credentials and their associated private keys during transaction time. However, protection of these items outside of the transaction is often delegated to a secure credential repository. A mobile environment creates significant challenges for secure repositories. We examine these challenges with respect to existing repository practices and produce a set of requirements that a repository must meet in order to cope with the harshness of a mobile environment. We also present the design and implementation of Thor (The hybrid online repository), a system that fulfills these requirements. Thor leverages preexisting local and remote repositories and enhances their usability and security through centralized management, credential context subsets, and credential identifier obfuscation.
College and Department
Physical and Mathematical Sciences; Computer Science
BYU ScholarsArchive Citation
Van Der Horst, Timothy W., "Thor: The Hybrid Online Repository" (2005). Theses and Dissertations. 240.
credential repository, mobile environment, hybrid repository, Thor