Formal Modelling of PKI Based Authentication

Authors:
Ali Nasrat Haidar;Ali E. Abdallah
Affiliations:
E-Security Research Centre, Institute for Computing Research, London South Bank University, 103 Borough Road, London, UK;E-Security Research Centre, Institute for Computing Research, London South Bank University, 103 Borough Road, London, UK
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2009

Citing 15
Cited 1

Communicating sequential processes

Communicating sequential processes
The Z notation: a reference manual

The Z notation: a reference manual
SSL and TLS Essentials: Securing the Web with CD-ROM

SSL and TLS Essentials: Securing the Web with CD-ROM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Modelling a Public-Key Infrastructure

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Outbound Authentication for Programmable Secure Coprocessors

ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation

FC '01 Proceedings of the 5th International Conference on Financial Cryptography
A State-Based Model for Certificate Management Systems

PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Security for Grid Services

HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
A Formal Semantics for SPKI

A Formal Semantics for SPKI
Computer Security 2e

Computer Security 2e
Cryptography: An Introduction

Cryptography: An Introduction
The modelling and analysis of security protocols: the csp approach

The modelling and analysis of security protocols: the csp approach
Practical application of CSP and FDR to software design

CSP'04 Proceedings of the 2004 international conference on Communicating Sequential Processes: the First 25 Years
Verifying the SET registration protocols

IEEE Journal on Selected Areas in Communications

A legally-admissible copyrights ownership identification protocol for digital works

Proceedings of the 4th International Conference on Internet Multimedia Computing and Service

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the main aims of certificate based Public Key Infrastructure (PKI) is to provide authentication in distributed systems. Through its functions, PKI authentication can be viewed as a re-usable component that can be integrated with other systems to offer strong authentication, scalability, and mobility, particularly for large organizations. PKI has been used to describe authentication in various types of applications ranging from e-commerce and web services applications to large scale systems such as Grid computing. This paper presents a formal approach for modeling certificate based PKI authentication. The approach makes use of two complementary models: one is state-based, described in Z, and the other is event-based, expressed in the Process Algebra of Hoare's Communicating Sequential Processes (CSP). The former will be used to capture the state of PKI key components used in the authentication process, the relationships between them, and model ''back-end'' operations on these components. Whereas the latter, CSP, will be used to model behavior, and in particular, ''front-end'' interactions and communications. Only when this authentication mechanism is properly formulated, reasoning about its correctness, vulnerabilities and usability can be scrutinized and possibly aided by automation.