Communicating sequential processes
Communicating sequential processes
The Z notation: a reference manual
The Z notation: a reference manual
SSL and TLS Essentials: Securing the Web with CD-ROM
SSL and TLS Essentials: Securing the Web with CD-ROM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Modelling a Public-Key Infrastructure
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
A State-Based Model for Certificate Management Systems
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
A Formal Semantics for SPKI
Computer Security 2e
Cryptography: An Introduction
The modelling and analysis of security protocols: the csp approach
The modelling and analysis of security protocols: the csp approach
Practical application of CSP and FDR to software design
CSP'04 Proceedings of the 2004 international conference on Communicating Sequential Processes: the First 25 Years
Verifying the SET registration protocols
IEEE Journal on Selected Areas in Communications
A legally-admissible copyrights ownership identification protocol for digital works
Proceedings of the 4th International Conference on Internet Multimedia Computing and Service
Hi-index | 0.00 |
One of the main aims of certificate based Public Key Infrastructure (PKI) is to provide authentication in distributed systems. Through its functions, PKI authentication can be viewed as a re-usable component that can be integrated with other systems to offer strong authentication, scalability, and mobility, particularly for large organizations. PKI has been used to describe authentication in various types of applications ranging from e-commerce and web services applications to large scale systems such as Grid computing. This paper presents a formal approach for modeling certificate based PKI authentication. The approach makes use of two complementary models: one is state-based, described in Z, and the other is event-based, expressed in the Process Algebra of Hoare's Communicating Sequential Processes (CSP). The former will be used to capture the state of PKI key components used in the authentication process, the relationships between them, and model ''back-end'' operations on these components. Whereas the latter, CSP, will be used to model behavior, and in particular, ''front-end'' interactions and communications. Only when this authentication mechanism is properly formulated, reasoning about its correctness, vulnerabilities and usability can be scrutinized and possibly aided by automation.