Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
The role of trust management in distributed systems security
Secure Internet programming
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Modelling a Public-Key Infrastructure
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Role-Based Access Control With X.509 Attribute Certificates
IEEE Internet Computing
A Model of Certificate Revocation
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
An Online Credential Repository for the Grid: MyProxy
HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Reasoning about public-key certification: on bindings between entities and public keys
IEEE Journal on Selected Areas in Communications
Certificate revocation and certificate update
IEEE Journal on Selected Areas in Communications
Towards a precise semantics for authenticity and trust
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Reasoning about attribute authenticity in a web environment
AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 2
Implementing credential networks
iTrust'06 Proceedings of the 4th international conference on Trust Management
Modeling long-term signature validation for resolution of dispute
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Certification validation: back to the past
EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
Certification validation: Back to the past
Computers & Mathematics with Applications
| Hi-index | 0.00 |
PKIs are complex distributed systems that are responsible for giving users enough information to make reasonable trust judgments about one another. Since the currencies of PKI are trust and certificates, users who make trust decisions (often called relying parties) must do so using only some initial trust beliefs about the PKI and some pile of certificates (and other assertions) they received from the PKI. Given a certificate, a relying party needs to conclude that the keyholder described by the certificate actually possesses the properties described by the certificate. In this paper, we present a calculus that allows relying parties to make such trust judgements. Our calculus extends Maurer's deterministic model, and is focused on real world issues such as time, revocation, delegation, and heterogeneous certificate formats. We then demonstrate how our calculus can be used to reason about numerous situations that arise in practice.