Weaver G.A.,Sudikoff Laboratory HB 6211 |
Rea S.,Sudikoff Laboratory HB 6211 |
Smith S.W.,Sudikoff Laboratory HB 6211
ACM International Conference Proceeding Series | Year: 2010
Natural-language policies found in X.509 PKI describe an organization's stated policy as a set of requirements for trust. The widespread use of X.509 underscores the importance of understanding these requirements. Although many review processes are defined in terms of the semantic structure of these policies, human analysts are confined to working with page-oriented PDF texts. Our research accelerates PKI operations by enabling machines to translate between policy page numbers and policy reference structure. Adapting technologies supporting the analysis of Classical texts, we introduce two new tools. Our Vertical Variance Reporter helps analysts efficiently compare the reference structure of two policies. Our Citation-Aware HTML enables machines to process human-readable displays of policies in terms of this reference structure. We evaluate these contributions in terms of real-world feedback and observations from organizations that audit or accredit policies. © 2010 ACM.