An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Techniques for trusted software engineering
Proceedings of the 20th international conference on Software engineering
Generalized certificate revocation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An Authentication Logic with Formal Semantics Supporting Synchronization, Revocation, and Recency
IEEE Transactions on Software Engineering
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Authentic Attributes with Fine-Grained Anonymity Protection
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
A novel approach to certificate revocation management
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
A Logical Reconstruction of SPKI
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A logical reconstruction of SPKI
Journal of Computer Security - Special issue on CSFW14
DICTATE: DIstributed CerTification Authority with probabilisTic frEshness for Ad Hoc Networks
IEEE Transactions on Dependable and Secure Computing
Inferring dynamic credentials for rôle-based trust management
Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming
Network service sharing infrastructure: service authentication and authorization revocation
ICCOM'05 Proceedings of the 9th WSEAS International Conference on Communications
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
EuroPKI '08 Proceedings of the 5th European PKI workshop on Public Key Infrastructure: Theory and Practice
Empirical Analysis of Certificate Revocation Lists
Proceedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Beacon certificate push revocation
Proceedings of the 2nd ACM workshop on Computer security architectures
Certificate revocation release policies
Journal of Computer Security
Certificate revocation using fine grained certificate space partitioning
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Limitations on design principles for public key protocols
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Towards a framework for evaluating certificate status information mechanisms
Computer Communications
Temporal accountability and anonymity in medical sensor networks
Mobile Networks and Applications - Special issue on Wireless and Personal Communications
Abstract: A general method is described for formally specifying and reasoning about distributed systems with any desired degree of immediacy for revoking authentication. To effect revocation, 'authenticating entities' impose freshness constraints on credentials or authenticated statements made by trusted intermediaries. If fresh statements are not presented, then the authentication is questionable. Freshness constraints are derived from initial policy assumptions and authentic statements made by trusted intermediaries. By adjusting freshness constraints, the delay for certain revocation can be arbitrarily bounded. We illustrate how the inclusion of freshness policies within certificates enables the design of a secure and highly available revocation service. We illustrate the application of the method and new techniques in an example.