A Semantics and a Calculi for Reasoning about Credential-based Systems

Reasoning about credential-based systems such as SDSI, SPKI is one of today’s security challenges. The representation and reasoning problem for this (simple) public key infrastructure is challenging: we need to represent permissions, naming and identities of agents and complex naming constructions (Blackburn’s office-mate is M4M’s PC-Chair’s Colleague), then we need to reason about intervals of time and metric time for expiration dates and validity intervals. One of the limitation of many formalizations is their folding on Lampson and Rivest’s SDSI and SPKI, the major goal being to show that the proposed logics and semantics captured exactly SPKI behavior or were better in this or that respect. What we find missing is what Syverson termed an ”independently motivated semantics”. A semantics where models fitting SDSI would just be a particular subset of logical models and where other proposals could be equally well accomodated. Here, we propose such an independently motivated semantics with annexed logical calculi. The semantics has a natural intuitive interpretation and in particular can represent timing constraints, intersection of validity intervals and naming at the same time. We also provide a logical calculus based on semantic tableaux with the appealing feature that the verification of credentials allows for the direct construction of a counter-model in the semantics when invalid requests are made. This combines semantic tableau method for modal and description logics with systems for reasoning about interval algebra and advanced proposals that exploit both qualitative and metric constraints, whose integration is far from trivial.