A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
The Dolev-Yaho Intruder is the Most Powerful Attacker
LICS '01 Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science
Provably secure delegation-by-certification proxy signature schemes
InfoSecu '04 Proceedings of the 3rd international conference on Information security
On the security of public key protocols
SFCS '81 Proceedings of the 22nd Annual Symposium on Foundations of Computer Science
Detecting Man-in-the-Middle Attacks by Precise Timing
SECURWARE '09 Proceedings of the 2009 Third International Conference on Emerging Security Information, Systems and Technologies
DToken: A Lightweight and Traceable Delegation Architecture for Distributed Systems
SRDS '09 Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems
DAuth: Fine-Grained Authorization Delegation for Distributed Web Application Consumers
POLICY '10 Proceedings of the 2010 IEEE International Symposium on Policies for Distributed Systems and Networks
A Delegation Solution for Universal Identity Management in SOA
IEEE Transactions on Services Computing
Correcting a delegation protocol for grids
TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
Application of formal analysis to enhancing trust in a complex grid-based operating system
Proceedings of the 3rd international ACM SIGSOFT symposium on Architecting Critical Systems
Future Generation Computer Systems
Hi-index | 0.00 |
In this paper, we design a non-uniform static analysis for formally verifying a protocol used in large-scale Grid systems for achieving delegations from users to critical system services. The analysis reveals a few shortcomings in the protocol, such as the lack of token integrity and the possibility of repudiating a delegation session. It also reveals the vulnerability of non-deterministic delegation chains that was detected as a result of adopting a more precise analysis, which allows for more participants in the protocol than the original protocol designers envisaged.