Filters








106 Hits in 2.6 sec

Model checking SPKI/SDSI*

S. Jha, T. Reps, S. Schneider
2004 Journal of Computer Security  
We show that the SPKI/SDSI-to-PDS connection provides a framework for formalizing a variety of certificate-analysis problems.  ...  In this paper, we establish a connection between SPKI/SDSI and a formalism known as pushdown systems (PDSs).  ...  Related work A certificate-chain-discovery algorithm for SPKI/SDSI was first proposed by Clarke et al. [12] .  ... 
doi:10.3233/jcs-2004-123-402 fatcat:b54idxcny5cfpdt4atrvsjkgpi

Reducing the Dependence of SPKI/SDSI on PKI [chapter]

Hao Wang, Somesh Jha, Thomas Reps, Stefan Schwoon, Stuart Stubblebine
2006 Lecture Notes in Computer Science  
We demonstrate this concept by showing how SPKI/SDSI can be modified to use Kerberos, a secret-key based authentication system, to issue SPKI/SDSI certificates.  ...  Nonetheless, trust-management systems such as KeyNote and SPKI/SDSI have seen limited deployment in the real world.  ...  Alice T R −→ KCS Alice students (a) Name-cert requests (b) K-SPKI/SDSI name certs KBio CS −→ KCS Certificate Chain Discovery (Figure 3 y →).  ... 
doi:10.1007/11863908_11 fatcat:ixsek6rlvnah5ecfdydj6ncktq

The Design and Implementation of Secure Event Manager Using SPKI/SDSI Certificate [chapter]

YoungLok Lee, HyungHyo Lee, Seungyong Lee, HeeMan Park, BongNam Noh
2005 Lecture Notes in Computer Science  
Accordingly, we design and implement the event manager based on Jini and suggest three methods in which only right event consumer can listen to the event using Access-Control Lists and SPKI/SDSI certificates  ...  In the proposed method, our event manager controls the access of events by putting trust checking engine on Jini.  ...  <Issuer, Subject, Delegation bit, Authorization-tag, Validity> Certificate Chain Discovery in SPKI/SDSI Certificate Chain Discovery Algorithm" [8] is the one that searches, in his certificate cash,  ... 
doi:10.1007/11596042_51 fatcat:otqqnn52wbhkdaaapgcost2aye

Security Mechanisms for Mobile Agent Platforms Based on SPKI/SDSI Chains of Trust [chapter]

Michelle S. Wangham, Joni da Silva Fraga, Rafael R. Obelheiro, Galeno A. Jung, Elizabeth Fernandes
2004 Lecture Notes in Computer Science  
This work defines a security scheme, based on SPKI/SDSI chains of trust, for protecting mobile agent platforms in large-scale distributed systems.  ...  Due to the flexibility of the SPKI/SDSI certificate delegation infrastructures used, the proposed scheme provides a decentralized control for authorization and authentication. 1 http://lia.deis.unibo.it  ...  Acknowledgments The authors thank the "IFM (Instituto Fábrica do Milênio)" and "Chains of Trust" project (CNPq 552175/01-3) members for their contributions.  ... 
doi:10.1007/978-3-540-24625-1_12 fatcat:ht3ecvo3wnbghmmkxevwftilqm

Local names in SPKI/SDSI

N. Li
Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13  
We analyze the notion of "local names" in SPKI/SDSI.  ...  and the 4-tuple-reduction mechanism in SPKI/SDSI 2.0.  ...  In the following, we review Elien's work. Certificate discovery SPKI/SDSI 2.0 gives a certificate-reduction process when certificates are provided in the right order.  ... 
doi:10.1109/csfw.2000.856921 dblp:conf/csfw/Li00 fatcat:km4idt7gozea5cvilung32omlm

Proxy-based security protocols in networked mobile devices

M. Burnside, D. Clarke, T. Mills, A. Maywah, S. Devadas, R. Rivest
2002 Proceedings of the 2002 ACM symposium on Applied computing - SAC '02  
We detail the device-to-proxy protocol for lightweight wireless devices and the proxy-to-proxy protocol which is based on SPKI/SDSI (Simple Public Key Infrastructure / Simple Distributed Security Infrastructure  ...  We describe a resource discovery and communication system designed for security and privacy.  ...  (a) The client proxy generates a chain of certificates using the SPKI/SDSI certificate chain discovery algorithm [4, 3] .  ... 
doi:10.1145/508832.508845 fatcat:jyxubwcfcbdqbfxdyknrzplldi

Proxy-based security protocols in networked mobile devices

M. Burnside, D. Clarke, T. Mills, A. Maywah, S. Devadas, R. Rivest
2002 Proceedings of the 2002 ACM symposium on Applied computing - SAC '02  
We detail the device-to-proxy protocol for lightweight wireless devices and the proxy-to-proxy protocol which is based on SPKI/SDSI (Simple Public Key Infrastructure / Simple Distributed Security Infrastructure  ...  We describe a resource discovery and communication system designed for security and privacy.  ...  (a) The client proxy generates a chain of certificates using the SPKI/SDSI certificate chain discovery algorithm [4, 3] .  ... 
doi:10.1145/508791.508845 dblp:conf/sac/BurnsideCMMDR02 fatcat:44kwvxz6zbbo7feh7bpctdks3m

Access control for semantic Web services

S. Agarwal, B. Sprick
2004 Proceedings. IEEE International Conference on Web Services, 2004.  
semantics) and SPKI/SDSI (for specifying authorization based access control).  ...  Therefore, our approach is useful not only in typical Web service based applications (client-server architecture) but also in peer to peer and agent based applications.  ...  In order to prove her eligibility, Alice shows an appropriate chain of SPKI/SDSI certificates. She calculates the required chain from the Web service's ACL and her set of SPKI/SDSI certificates.  ... 
doi:10.1109/icws.2004.1314813 dblp:conf/icws/AgarwalS04 fatcat:psidass4orajnnou63wjigoaxy

Weighted Pushdown Systems and Trust-Management Systems [chapter]

Somesh Jha, Stefan Schwoon, Hao Wang, Thomas Reps
2006 Lecture Notes in Computer Science  
Certificate-chain-discovery algorithms for SPKI/SDSI have been investigated by several researchers.  ...  In the trust-management system SPKI/SDSI, the security policy is given by a set of certificates, and proofs of authorization take the form of certificate chains.  ...  Background on the trust-management system SPKI/SDSI is given in Section 4. A distributed certificate-chain-discovery algorithm for SPKI/SDSI is described in Section 6.  ... 
doi:10.1007/11691372_1 fatcat:2kbw7inivjcbjivhjifxlqsmhe

A Model to support SPKI Federations management through XKMS

Michelle Wangham, Emerson Ribeiro de Mello, Joni da Silva Fraga, Davi da Silva Boger
2007 IEEE International Conference on Web Services (ICWS 2007)  
In a web of SPKI Federations, the proposed model follows a peer-to-peer approach for discovering and establishing certificate chains.  ...  This work uses XKMS to define a federated management model for SPKI/SDSI.  ...  The model proposed in [19] aims to maintain the policy adopted in the SPKI/SDSI model, and makes the principals responsible for locating the chains of certificates they wish.  ... 
doi:10.1109/icws.2007.8 dblp:conf/icws/WanghamMFB07 fatcat:ttukwwtapbdy3okrfk3e7wr4ba

Distributed Policy Specification and Interpretation with Classified Advertisements [chapter]

Nicholas Coleman
2012 Lecture Notes in Computer Science  
SPKI/SDSI certificates are represented using the ClassAd language and certificate chain discovery is implemented using a modified matchmaking algorithm.  ...  We extend this framework to specify and interpret authorization policies using the SPKI/SDSI [6] public key infrastructure.  ...  We have also presented the necessary theoretical underpinnings of the enhanced gangmatching algorithm which generalize beyond the specific instance of SPKI/SDSI certificate chain discovery.  ... 
doi:10.1007/978-3-642-27694-1_15 fatcat:khy3swjd4fgvhe2nzqfgg6jrhq

Author Index Volume 9 (2001)

2001 Journal of Computer Security  
vest, Certificate chain discovery in SPKI/SDSI (4) 285 -322 De Capitani di Vimercati, S., P. Lincoln, L. Ricciulli and P. Samarati, Global infrastructure protection system (4) 251 -283 Elien, J.  ...  Rivest, Certificate chain discovery in SPKI/SDSI (4) 285 -322 De Capitani di Vimercati, S., P. Lincoln, L. Ricciulli and P.  ...  IOS Press Author Index Volume 9 (2001) The issue number is given in front of the page numbers.  ... 
doi:10.3233/jcs-2001-9404 fatcat:snfrwnaajjdjrcdsshvbaceqgq

Policy control management for Web Services

Arlindo L. Marcon, Altair O. Santin, Luiz A. de Paula Lima, Rafael R. Obelheiro, Maicon Stihler
2009 2009 IFIP/IEEE International Symposium on Integrated Network Management  
A certificate-based permission management scheme is used to derive new policies in the local domains of each branch.  ...  These new policies will update the corporate repository which, in turn, will configure the corresponding policies in the local domains of each branch.  ...  Thus, the client sends the chain of SPKI/SDSI certificates to PEP, that in its turn sends them to STS invoking XKMS (event ce, Fig. 4) .  ... 
doi:10.1109/inm.2009.5188786 dblp:conf/im/MarconSLOS09 fatcat:ki6g65ne2bg6jkzhqrevmvfv54

Analysis of SPKI/SDSI certificates using model checking

S. Jha, T. Reps
Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15  
We show that the SPKI/SDSI-to-PDS connection provides a framework for formalizing a variety of certificate-analysis problems.  ...  In this paper, we establish a connection between SPKI/SDSI and a formalism known as pushdown systems (PDSs).  ...  The remainder of the paper is organized as follows: Section 2 provides an introduction to SPKI/SDSI, and describes the algorithm for certificate-chain discovery from [10] .  ... 
doi:10.1109/csfw.2002.1021812 dblp:conf/csfw/JhaR02 fatcat:mmsb7i7zxjdmnjdixhvqf3w2mq

Access control to people location information

Urs Hengartner, Peter Steenkiste
2005 ACM Transactions on Privacy and Security  
To show feasibility of our design, we built an example implementation based on SPKI/SDSI certificates. Using measurements, we quantify the influence of access control on query processing time.  ...  Our design encodes policies as digital certificates, which enables decentralized storage of policies. We also present an algorithm for the discovery of distributed certificates.  ...  Tools exist that evaluate chains of SPKI/SDSI certificates and decide whether requests should be granted access.  ... 
doi:10.1145/1108906.1108910 fatcat:kngzcf4zdrgxxar5ybkub6gg24
« Previous Showing results 1 — 15 out of 106 results