Certificate Chain Discovery in SPKI/SDSI

نویسندگان

  • Dwaine E. Clarke
  • Jean-Emile Elien
  • Carl M. Ellison
  • Matt Fredette
  • Alexander Morcos
  • Ronald L. Rivest
چکیده

Dwaine Clarke a, Jean-Emile Elien b, Carl Ellison c, Matt Fredette d, Alexander Morcos e and Ronald L. Rivest f,∗ a Room 226, MIT Lab for Computer Science, 200 Technology Square, Cambridge, MA 02139, USA E-mail: [email protected] b Microsoft, One Microsoft Way, Redmond, WA 98052, USA E-mail: [email protected] c Intel Corporation, 2111 NE 25th Ave, Hillsboro, OR 97124, USA E-mail: [email protected] d aQuery, 100 Fellsway West, Somerville, MA 02145, USA E-mail: [email protected] e Tower Research Capital, 377 Broadway 11th Floor, New York, NY 10013, USA E-mail: [email protected] f Room 324, MIT Lab for Computer Science, 200 Technology Square, Cambridge, MA 02139, USA E-mail: [email protected]

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Distributed Certificate-Chain Discovery in SPKI/SDSI

The authorization problem is to decide whether, according to a security policy, some principal should be allowed access to a resource. In the trust-management system SPKI/SDSI, the security policy is given by a set of certificates, and proofs of authorization take the form of certificate chains. The certificate-chain-discovery problem is to discover a proof of authorization for a given request....

متن کامل

Local Names in SPKI/SDSI

We analyze the notion of “local names” in SPKI/SDSI. By interpreting local names as distributed groups, we develop a simple logic program for SPKI/SDSI’s linked localname scheme and prove that it is equivalent to the nameresolution procedure in SDSI 1.1 and the 4-tuple-reduction mechanism in SPKI/SDSI 2.0. This logic program is itself a logic for understanding SDSI’s linked local-name scheme an...

متن کامل

Weighted Pushdown Systems and Trust-Management Systems

The authorization problem is to decide whether, according to a security policy, some principal should be allowed access to a resource. In the trustmanagement system SPKI/SDSI, the security policy is given by a set of certificates, and proofs of authorization take the form of certificate chains. The certificate-chain-discovery problem is to discover a proof of authorization for a given request. ...

متن کامل

Distributed Policy Specification and Interpretation with Classified Advertisements

In a distributed system, the principle of separation of policy and mechanism provides the flexibility to revise policies without altering mechanisms and vice versa. This separation can be achieved by devising a language for specifying policy and an engine for interpreting policy. In the Condor [14] high throughput distributed system the ClassAd language [16] is used to specify resource selectio...

متن کامل

Analysis of SPKI/SDSI Certificates Using Model Checking

SPKI/SDSI is a framework for expressing naming and authorization issues that arise in a distributed-computing environment. In this paper, we establish a connection between SPKI/SDSI and a formalism known as pushdown systems (PDSs). We show that the SPKI/SDSI-to-PDS connection provides a framework for formalizing a variety of certificate-analysis problems. Moreover, the connection has computatio...

متن کامل

Model checking SPKI/SDSI

SPKI/SDSI is a framework for expressing naming and authorization issues that arise in a distributedcomputing environment. In this paper, we establish a connection between SPKI/SDSI and a formalism known as pushdown systems (PDSs). We show that the SPKI/SDSI-to-PDS connection provides a framework for formalizing a variety of certificate-analysis problems. Moreover, the connection has computation...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Journal of Computer Security

دوره 9  شماره 

صفحات  -

تاریخ انتشار 2001