Filters








4,534 Hits in 2.3 sec

Formal Modelling of PKI Based Authentication

Ali Nasrat Haidar, Ali E. Abdallah
2009 Electronical Notes in Theoretical Computer Science  
This paper presents a formal approach for modeling certificate based PKI authentication.  ...  One of the main aims of certificate based Public Key Infrastructure (PKI) is to provide authentication in distributed systems.  ...  These components were used as building block to construct a formal model for certificate based PKI authentication.  ... 
doi:10.1016/j.entcs.2009.03.005 fatcat:3neregzp6rdcrg3pugjq7rmk4q

Universally Composable Authentication and Key-Exchange with Global PKI [chapter]

Ran Canetti, Daniel Shahaf, Margarita Vald
2016 Lecture Notes in Computer Science  
Still, the state of the art in composable security analysis of PKI-based authentication and key exchange is somewhat unsatisfactory.  ...  Message authentication and key exchange are two of the most basic tasks of cryptography. Solutions based on public-key infrastructure (PKI) are prevalent.  ...  PKI-based authentication can be examined from three different angels: the composability guarantees of the model, the modeling of the PKI, and the deniability guarantees of the ideal authentication.  ... 
doi:10.1007/978-3-662-49387-8_11 fatcat:hz6gsqgnmnb3blbxhzgnx64nzu

Authentication: International Scope and Non Discrimination in Government Commerce vs. PKI

Paul R. Schapper, Mercedes Rivolta, Knut Leipold
2014 Digital Evidence and Electronic Signature Law Review  
First there have been technological developments, which, of course, gave rise to PKI models based on digital signatures and certificates.  ...  The earlier partial convergence between model law and technology around PKI models for authentication has now dissolved.  ...  (India), a member of the Editorial Board of the Journal of Contemporary Issues in Business and Government, and an international consultant.  ... 
doi:10.14296/deeslr.v2i0.1749 fatcat:4mlq5ycsanfmrjtggw36jk6dr4

Static evaluation of Certificate Policies for GRID PKIs interoperability

M. Rak, M. Medina, O. Manso, J. Luna, N. Mazzocca, V. Casola, M. Rak, M. Medina, O. Manso, J. Luna, N. Mazzocca, V. Casola
2007 The Second International Conference on Availability, Reliability and Security (ARES'07)  
The described process is based on the building of a formalized policy template for Grid Certificate Policies.  ...  Nowadays Policy Management Authorities (PMAs) gather Grid CAs fulfilling a minimum set of requirements defined in an Authentication Profile thus guaranteeing a trusted interoperability environment for  ...  These are: • An evaluation methodology, based on the formalization of the CA's Certification Policy [6] , to i) determine if a CA is compliant with the Authentication Profile defined by the PMA and ii  ... 
doi:10.1109/ares.2007.143 dblp:conf/IEEEares/CasolaMLMM07 fatcat:3d5a4hcv25boniwgn56i3ypdti

Which PKI (public key infrastructure) is the right one? (panel session)

Carlisle Adams, Mike Burmester, Yvo Desmedt, Mike Reiter, Philip Zimmermann
2000 Proceedings of the 7th ACM conference on Computer and communications security - CCS '00  
X.509-based PKI need not make use of X.500-based Distinguished Names, and • an X.509-based PKI can be cryptographically bound, in a formal way, to a full-featured Privilege Management ("advanced authorization  ...  It most closely fits the definition of an ideal PKI because of the peer-reviewed, formalized, and interoperability-tested mechanisms that have been specified to provide all aspects of key and certificate  ... 
doi:10.1145/352600.352615 dblp:conf/ccs/AdamsBDRZ00 fatcat:e4sawt25mrayrpmzxacmehey4a

A calculus of trust and its application to PKI and identity management

Jingwei Huang, David Nicol
2009 Proceedings of the 8th Symposium on Identity and Trust on the Internet - IDtrust '09  
We introduce a formal semantics based calculus of trust that explicitly represents trust and quantifies the risk associated with trust in public key infrastructure (PKI) and identity management (IdM).  ...  We then show by example how to formally represent trust relationships and quantitatively evaluate the risk associated with trust in public key certificate chains.  ...  In this way, our model is based on a solid formalism foundation.  ... 
doi:10.1145/1527017.1527021 dblp:conf/idtrust/HuangN09 fatcat:6fe2djjghnhr3daqqavvxekkue

Research on Mobile E-business Security Model based on WPKI Technology and its Application

Yongsheng Luo
2015 International Journal of Security and Its Applications  
Then the mobile E-business security model based on WPKI Technology is proposed in this paper.  ...  Currently, the most mobile equipment processing capacity is low, a mobile E-Business security model based on WPKI technology is proposed in this paper.  ...  [7] proposed an organisation structure-based access control (OSAC) model based on a taskrole-based access control (T-RBAC) model.  ... 
doi:10.14257/ijsia.2015.9.7.11 fatcat:2265fhcefjbpbodzwlym3h7pza

Towards a Hybrid Public Key Infrastructure (PKI): A Review [article]

Priyadarshi Singh, Abdul Basit, N. Chaitanya Kumar, V. Ch. Venkaiah
2019 IACR Cryptology ePrint Archive  
Traditional Certificate-based public key infrastructure (PKI) suffers from the problem of certificate overhead like its storage, verification, revocation etc.  ...  Also, the summary of the comparison, based on various features, is presented in a table.  ...  The Internet Engineering Task Force(IETF) Public Key Infrastructure X.509 (PKIX) [21] working group has been the driving force behind setting up a formal (and generic) model based on X.509 that is suitable  ... 
dblp:journals/iacr/SinghBKV19 fatcat:hazur7hj4bdl7lpmudwuf54qxi

Trust Extortion on the Internet [chapter]

Audun Jøsang
2012 Lecture Notes in Computer Science  
Said more directly, any perception of weak security or low trustworthiness could be disastrous for an otherwise secure and honest online service provider.  ...  In order to steer away from such dangers people tend to look for signals of security and trustworthiness when navigating the Internet and accessing remote hosts.  ...  making a mockery of the PKI security model.  ... 
doi:10.1007/978-3-642-29963-6_2 fatcat:6qdkiogepbdmfewtfpevvi4k6i

Composability and On-Line Deniability of Authentication [chapter]

Yevgeniy Dodis, Jonathan Katz, Adam Smith, Shabsi Walfish
2009 Lecture Notes in Computer Science  
Unfortunately, we show that our definition is impossible to realize in the PKI model if adaptive corruptions are allowed (even if secure erasure is assumed).  ...  This turns out to generalize several realistic scenarios that are outside the scope of previous models.  ...  Unfortunately, our main result in Theorem 1 shows that the most natural modeling of a PKI-based authentication is impossible in the face of adaptive attackers.  ... 
doi:10.1007/978-3-642-00457-5_10 fatcat:inannspinre3rnkdohnk5wcm7a

Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

Yongyang Lv, Wenju Liu, Ze Wang, Nazrul Islam
2020 Mathematical Problems in Engineering  
Based on proxy resignature, the signature transformation between trust domains of different cryptographic systems is realized with the help of the cloud authentication center, so as to achieve cross-domain  ...  Hierarchical ID tree realizes the uniqueness of identity in communication, and the security of heterogeneous cross-domain identity authentication is enhanced by the two-factor authentication of "password  ...  Literature [15] proposes a grid-based PKI multidomain authentication model, but the model cannot resist forgery attack.  ... 
doi:10.1155/2020/2078032 fatcat:pcsjbetmvbatbjzz44mtg7rx6e

A Formally Verified Device Authentication Protocol Using Casper/FDR

Mahdi Aiash, Glenford Mapp, Raphael C.-W. Phan, Aboubaker Lasebae, Jonathan Loo
2012 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications  
The proposed protocol is analysed and verified using a formal methods approach based on Casper/FDR compiler.  ...  This paper analyses a number of the Authentication and Key Agreement protocols between the users and mobile terminals, then proposes a novel device authentication protocol.  ...  Furthermore, the proposed protocol is authenticated using CASPER/FDR compiler [4] which is a formal methods-based approach that accepts an abstract description of systems and translates them into Communication  ... 
doi:10.1109/trustcom.2012.27 dblp:conf/trustcom/AiashMPLL12 fatcat:kjpd4lklk5gllf4mmnn5upcpga

LocalPKI: An Interoperable and IoT Friendly PKI [chapter]

Jean-Guillaume Dumas, Pascal Lafourcade, Francis Melemedjian, Jean-Baptiste Orfila, Pascal Thoniel
2019 Communications in Computer and Information Science  
A public-key infrastructure (PKI) binds public keys to identities of entities.  ...  Our scheme's security is formally proven with the help of Tamarin, an automatic verification tool for cryptographic protocols.  ...  Acknowledgment We thank Amaury Huot for his help in implementing the prototype web-based interface to LOCALPKI certificates.  ... 
doi:10.1007/978-3-030-11039-0_11 fatcat:nq7accq5jffp7ckw5gmufef4hi

Formal Modelling of a Usable Identity Management Solution for Virtual Organisations

Ali N. Haidar, P. V. Coveney, Ali E. Abdallah, P. Y. A Ryan, B. Beckles, J. M. Brooke, M . A. S. Jones
2010 Electronic Proceedings in Theoretical Computer Science  
The approach uses two complementary models: one is state based, described in Z notation, and the other is event-based, expressed in the Process Algebra of Hoare's Communicating Sequential Processes (CSP  ...  This paper attempts to accurately model security requirements for computational grid environments with particular focus on authentication.  ...  Section 3 and 4 present formal state-based models of the authentication components followed by a CSP description of their pattern of interactions. Section 5 presents our conclusion.  ... 
doi:10.4204/eptcs.16.4 fatcat:negzgk2h5bcqrhhr2zk4dpqjnq

Modeling Public Key Infrastructures in the Real World [chapter]

John Marchesini, Sean Smith
2005 Lecture Notes in Computer Science  
Since the currencies of PKI are trust and certificates, users who make trust decisions (often called relying parties) must do so using only some initial trust beliefs about the PKI and some pile of certificates  ...  Our calculus extends Maurer's deterministic model, and is focused on real world issues such as time, revocation, delegation, and heterogeneous certificate formats.  ...  Dept of Homeland Security (2000-DT-CX-K001). The views and conclusions do not necessarily represent those of the sponsors.  ... 
doi:10.1007/11533733_8 fatcat:q5yugsa73vb3zhmwyw73wchiby
« Previous Showing results 1 — 15 out of 4,534 results