The complexity of propositional closed world reasoning and circumscription
Journal of Computer and System Sciences
An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
On SDSI's linked local name spaces
Journal of Computer Security
A logic for SDSI's linked local name spaces
Journal of Computer Security
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
On the Structure of Delegation Networks
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Deciding knowledge properties of security protocols
TARK '05 Proceedings of the 10th conference on Theoretical aspects of rationality and knowledge
A (restricted) quantifier elimination for security protocols
Theoretical Computer Science - Automated reasoning for security protocol analysis
Efficient trust management policy analysis from rules
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Journal of the ACM (JACM)
Self-signed executables: restricting replacement of program binaries by malware
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
Completeness of discovery protocols
Proceedings of the 2nd ACM workshop on Assurable and usable security configuration
Hi-index | 0.00 |
SPKI/SDSI is a proposed public key infrastructure standard that incorporates the SDSI public key infrastructure. SDSI's key innovation was the use of local names. We previously introduced a Logic of Local Name Containment that has a clear semantics and was shown to completely characterize SDSI name resolution. Here we show how our earlier approach can be extended to deal with a number of key features of SPKI, including revocation, expiry dates, and tuple reduction. We show that these extensions add relatively little complexity to the logic. In particular, we do not need a nonmonotonic logic to capture revocation. We then use our semantics to examine SPKI's tuple reduction rules. Our analysis highlights places where SPKI's informal description of tuple reduction is somewhat vague, and shows that extra reduction rules are necessary in order to capture general information about binding and authorization.