An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
On SDSI's linked local name spaces
Journal of Computer Security
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
On the Structure of Delegation Networks
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Logic for SDSI's Linked Local Name Spaces: Preliminary Version
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Analysis of SPKI/SDSI Certificates Using Model Checking
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Logic for Reasoning about Digital Rights
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Access control to people location information
ACM Transactions on Information and System Security (TISSEC)
Trust in large-scale computational grids: an SPKI/SDSI extension for representing opinion
Proceedings of the 4th international workshop on Middleware for grid computing
Journal of Computer Security - Special issue on CSFW15
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
Access control via belnap logic: Intuitive, expressive, and analyzable policy composition
ACM Transactions on Information and System Security (TISSEC)
Weighted pushdown systems and trust-management systems
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
| Hi-index | 0.00 |
Abstract: SPKI/SDSI is a proposed public key infrastructure standard that incorporates the SDSI public key infrastructure. SDSI's key innovation was the use of local names. We previously introduced a Logic of Local Name Containment that has a clear semantics and was shown to completely characterize SDSI name resolution. Here we show how our earlier approach can be extended to deal with a number of key features of SPKI, including revocation, expiry dates, and tuple reduction, without invoking nonmonotonicity. We show that these extensions add relatively little complexity to the logic. We then use our semantics to examine SPKI's tuple reduction rules. Our analysis highlights places where SPKI's informal description of tuple reduction is somewhat vague, and shows that extra reduction rules are necessary in order to capture general information about binding and authorization.