SPKI/SDSI certificate chain discovery with generic constraints

  • Authors: Arul Ganesh; K Gopinath
  • Affiliations: Indian Institute of Science, Bangalore, India; Indian Institute of Science, Bangalore, India
  • Venue: COMPUTE '08 Proceedings of the 1st Bangalore Annual Compute Conference
  • Year: 2008

Abstract

SPKI/SDSI is a security infrastructure whose principal goal is to facilitate the building of secure, scalable, distributed computing systems. Given a set of SPKI/SDSI certificates, the decision to grant a user access to a resource is made by a certificate chain discovery process. The SPKI/SDSI infrastructure allows a validity specification, which is a time period during which a certificate is valid. This validity specification, as defined in RFC-2693, allows for limited constraints on the certificate, but the specification also allows for more powerful constraint specifications. In this paper we demonstrate how weak Monadic Second Order (WS1S) logic can be used to specify general validity constraints, with a specific example for time constraints, which are represented as intervals on an abstract domain and manipulated as WS1S formulas. We also show that this logic can be combined with a Weighted Pushdown System (WPDS) to formally answer most authorization questions based on the given validity period.