Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
On SDSI's linked local name spaces
Journal of Computer Security
Authentication: A Practical Study in Belief and Action
Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning about Knowledge
Overview of the AT&T Labs Trust-Management Project (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
Intensional specifications of security protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
A Logic for SDSI's Linked Local Name Spaces: Preliminary Version
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
SP'04 Proceedings of the 12th international conference on Security Protocols
| Hi-index | 0.00 |
The term 'principal' has roots both in computer security and in communications security. We will show that in those two areas principals serve quite different purposes. We also note that the term principal is overloaded in computer security and propose a separation into three different aspects: origin of message, access control rule, and accountable entity. Furthermore, we will defend the merits of extensional security specifications and show that it is not fruitful to expect that security mechanisms can only have one 'correct' interpretation.