ACM Transactions on Computer Systems (TOCS)
ACM SIGMOD Record
Principles of programming with complex objects and collection types
ICDT '92 Selected papers of the fourth international conference on Database theory
An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Proceedings of the Second International Conference on Financial Cryptography
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Fast Digital Identity Revocation (Extended Abstract)
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Certificate Recocation: Mechanics and Meaning
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Revocation: Options and Challenges
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Certificate Revocation the Responsible Way
CSDA '98 Proceedings of the Conference on Computer Security, Dependability, and Assurance: From Needs to Solutions
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Efficient Certificate Revocation
Efficient Certificate Revocation
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Dynamically distributed query evaluation
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Certificate Distribution with Local Autonomy
IWAN '00 Proceedings of the Second International Working Conference on Active Networks
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Persistent Authenticated Dictionaries and Their Applications
ISC '01 Proceedings of the 4th International Conference on Information Security
TARP: Ticket-based address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
Empirical Analysis of Certificate Revocation Lists
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Cacheable Decentralized Groups for Grid Resource Access Control
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Certificate revocation release policies
Journal of Computer Security
On the cost of persistence and authentication in skip lists
WEA'07 Proceedings of the 6th international conference on Experimental algorithms
A model for distribution and revocation of certificates
ICGT'10 Proceedings of the 5th international conference on Graph transformations
NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Declarative secure distributed information systems
Computer Languages, Systems and Structures
| Hi-index | 0.00 |
We introduce a language for creating and manipulating certificates, that is, digitally signed data based on public key cryptography, and a system for revoking certificates. Our approach provides a uniform mechanism for secure distribution of public key bindings, authorizations, and revocation information. An external language for the description of these and other forms of data is compiled into an intermediate language with a well-defined denotational and operational semantics. The internal language is used to carry out consistency checks for security, and optimizations for efficiency. Our primary contribution is a technique for treating revocation data dually to other sorts of information using a polarity discipline in the intermediate language.