|
|
Establishing Identity Without Certification Authorities
|
|
- Carl Ellison
- It is commonly assumed that if one wants to be sure a
public key belongs to the person he hopes it does, he
must use an identity certificate issued by a trust
Certification Authority (CA). The thesis of this
paper is that a traditional identity certificate is
neither necessary not sufficient for this purpose.
|
|
|
Decentralized Trust Management
|
|
- Matt Blaze, Joan Feigenbaum, Jack Lacy
- We identify the trust management problem as a distinct and
important component of security in network services. Aspects
of the trust management problem include formulating security
policies and security credentials, determining whether
particular sets of credentials satisfy the relevant
policies, and deferring trust to third parties. Existing
systems that support security in networked applications,
including X.509 and PGP, address only narrow subsets of the
overall trust management problem and often do so in a manner
that is appropriate to only one application.
|
|
|
SDSI -- A Simple Distributed Security Infrastructure
|
|
- Ron Rivest and Butler Lampson
- We propose a new distributed security infrastructure, called
SDSI (pronounced "Sudsy"). SDSI combines a simple public-key
infrastructure design with a means of defining groups and
issuing group-membership certificates. SDSI's groups
provides simple, clear terminology for defining
access-control lists and security policies. SDSI's design
emphasizes linked local name spaces rather than a
hierarchical global name space.
|
|
|
Simple public key certificate
|
|
- Carl M. Ellison, Bill Frantz, Butler Lampson, Ron Rivest, Brian M. Thomas, and Tatu Ylönen
- This document defines the structure of SPKI certificates,
CRLs, other fine-grain validity instruments and sequences of
those objects to be delivered from a prover to a verifier.
The purpose of such objects is to establish the prover's
authorization to have a request satisfied by the verifier.
Establishing identity, sometimes thought to be the only
purpose of a certificate, is considered to be an optional
step in this process but not the goal of the effort and
often unnecessary.
|
|
|
SPKI Certificate Theory (RFC 2693)
|
|
- Carl M. Ellison, Bill Frantz, Butler Lampson, Ron Rivest, Brian M. Thomas, and Tatu Ylönen
- This document gives the theory behind SPKI certificates and
ACLs without going into technical detail about those
structures or their uses.
|
|
|
A Formal Semantics for SPKI
|
|
- Jon Howell and David Kotz
- We extend the logic and semantics of authorization due
to Abadi, Lampson, et al. to support restricted
delegation. Our formal model provides a simple
interpretation for the variety of constructs in the
Simple Public Key Infrastructure (SPKI), and lends
intuition about possible extensions. We discuss both
extensions that our semantics supports and extensions
that it cautions against. [See RFC 2693].
|
|
|
SPKI Requirements (RFC 2692)
|
|
- Carl M. Ellison
- The SPKI is intended to provide mechanisms to support security in a
wide range of Internet applications, including IPSEC
protocols, encrypted electronic mail and WWW documents,
payment protocols, and any other application which will
require the use of public key certificates and the ability
to access them. It is intended that the Simple Public Key
Infrastructure will support a range of trust models.
|
|
|
Certificate Chain Discovery in SPKI/SDSI
|
|
- Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, Ronald L. Rivest
- SPKI/SDSI is a novel public-key infrastructure
emphasizing naming, groups, ease-of-use, and flexible
authorization. To access a protected resource, a
client must present to the server a proof that the
client is authorized; this proof takes the form of a
"certificate chain" proving that the client's public
key is in one of the groups on the resource's
ACL. While finding such a chain can be nontrivial, due
to the flexible naming and delegation capabilities of
SPKI/SDSI certificates, we present a practical and
efficient algorithm for this problem of "certificate
chain discovery." We also present a tight worst-case
bound on its running time, which is polynomial in the
length of its input.
|
|
|
The SDSI 2.0 Library and Tools
|
|
- Matthew Fredette
- SDSI/SPKI 2.0 (hereafter just SDSI) is a specification for a
simple public key infrastructure. It takes public-key
cryptography, introduces a format for making simple
statements called certificates, and shows how to use them
"to make sense of this crazy computer world."
|
|
|
On SDSI's Linked Local Name Spaces
|
|
- MartÍn Abadi
- Rivest and Lampson have recently introduced SDSI, a Simple
Distributed Security Infrastructure. One of the important
innovations of SDSI is the use of linked local name
spaces. This paper suggests a logical explanation of SDSI's
local name spaces, as a complement to the operational
explanation given in the SDSI definition.
|
|
|
A Logic for SDSI's Linked Local Name Spaces
|
|
- Joseph Y. Halpern and Ron van der Meyden
- Abadi has introduced a logic to explicate the meaning of
local names in SDSI, the Simple Distributed Security
Infrastructure proposed by Rivest and Lampson. Abadi's logic
does not correspond precisely to SDSI, however; it draws
conclusions about local names that do not follow from SDSI's
name resolution algorithm. Moreover, its semantics is
somewhat unintuitive. This paper presents the Logic of Local
Name Containment, which does not suffer from these
deficiencies.
|
|
|
A logical reconstruction of SPKI
|
|
- Joseph Y. Halpern
- SPKI/SDSI is a proposed public key infrastructure
standard that incorporates the SDSI public key
infrastructure. SDSI's key innovation was the use of
local names. We previously introduced a Logic of Local
Name Containment that has a clear semantics and was
shown to completely characterize SDSI name
resolution. Here we show how our earlier approach can
be extended to deal with a number of key features of
SPKI, including revocation, expiry dates, and tuple
reduction, without invoking nonmonotonicity. We show
that these extensions add relatively little complexity
to the logic. We then use our semantics to examine
SPKI's tuple reduction rules.
|
|
|
Local Names in SPKI/SDSI 2.0
|
|
- Ninghui Li
- We analyze the notion of "local names" in SPKI/SDSI. By
interpreting local names as distributed groups, we develop a
simple logic program for SPKI/SDSI's linked localname scheme
and prove that it is equivalent to the name resolution
procedure in SDSI 1.1 and the 4-tuple-reduction mechanism in
SPKI/SDSI 2.0. This logic program is itself a logic for
understanding SDSI's linked local-name scheme and has
several advantages over previous logics, e.g., those of
Abadi [1] and Halpern and van der Meyden [13]. We then
enhance our logic program to handle authorization
certificates, threshold subjects, and certificate discovery.
|
|
|
SPKI/SDSI and the Web of Trust
|
|
- Carl Ellison
- PGP implements a security fault tolerance mechanism, called
the Web of Trust, that was designed to compensate for the
fact that issuers were not specially protected or
professional. Because SPKI/SDSI, like PGP, advocates widely
distributed issuance of certificates rather than have them
all come from a central CA hierarchy, people sometimes claim
that SPKI/SDSI uses the Web of Trust but that is not a
proper use of terms. SPKI certificates have deterministic
certificate chains, just like those of X.509 and unlike the
PGP Web of Trust.
|
|
|
End-to-end authorization
|
|
- Jon Howell and David Kotz
- Presents a model for relating chains of authority
passing through multiple network services.
Many boundaries impede the flow of authorization
information, forcing applications that span those
boundaries into hop-by-hop approaches to
authorization. We present a unified approach to
authorization. Our approach allows applications that
span administrative, network, abstraction, and
protocol boundaries to understand the end-to-end
authority that justifies any given request. The
resulting distributed systems are more secure and
easier to audit.
|
|
|
Security Models
|
|
- John McLean
- In this article we focus on the primary use of security
models, which has been to describe general confidentiality
requirements. We then give pointers to security model work
in other areas.
|
|
|
Expressive Power of the Schematic Protection Model
|
|
- Ravi S. Sandhu
- In this paper we show that the Schematic Protection Model
(SPM) subsumes several well-known protection models as
particular instances. We show this for a diverse collection
of models including the Bell-LaPadula multi-level security
model, take-grant models, and grammatical protection
systems. Remarkably SPM subsumes these models within its
known efficiently decidable cases for safety analysis (i.e.,
the determination or whether or not a given privilege can
possibly be acquired by a particular subject). Therefore SPM
subsumes these models not only in terms of its expressive
power but also in terms of safety analysis.
|
|
|
A Security Infrastructure for Distributed Java Applications
|
|
- (blind review paper)
- We describe the design and implementation of a security
infrastructure for a distributed Java application. This
work is inspired by SDSI/SPKI, but has a few twists of its
own. We define a logic for access control, such that access
is granted iff a proof that it should be granted is
derivable in the logic. Our logic supports linked local name
spaces, privilege delegation across administrative domains,
and attribute certificates. We use SSL to establish secure
channels through which principals can "speak", and have
implemented our access control system in Java. While we
implemented our infrastructure for the P System, our
design is applicable to other applications as well.
|
|
|
An Implementation of a Secure Web Client Using SPKI/SDSI Certificates
|
|
- Andrew J. Maywah
- On the Internet today there exists a multitude of
documents and other electronic information
resources. As the Internet grows in popularity, a
growing concern for individuals is how to publish
these documents on the World Wide Web and limit access
to these documents according to their desired security
policy. In this thesis, I designed and implemented a
client that uses the SPKI/SDSI public key
infrastructure to provide access control on the World
Wide Web.
|
|
|
Reasoning About Knowledge (ISBN 0-262-06162-7)
|
|
- Ronald Fagin, Joseph Y. Halpern, Yoram Moses and Moshe Y. Vardi
- Reasoning about knowledge - particularly the knowledge
of agents who reason about the world and each other's
knowledge - was once the exclusive province of
philosophers and puzzle solvers. More recently, this
type of reasoning has been shown to play a key role in
a surprising number of contexts, from understanding
conversations to the analysis of distributed computer
algorithms.
[See also "Reasoning
about knowledge: a survey".]
|
|
|
Reasoning About Common Knowledge with Infinitely Many Agents
|
|
- Joseph Y. Halpern and Richard A. Shore
- Complete axiomatizations and exponential- time decision
procedures are provided for reasoning about knowledge and
common knowledge when there are infinitely many agents.
|
|
|
A Logic-based Knowledge Representation for Authorization with Delegation
|
|
- Ninghui Li, Joan Feigenbaum, Benjamin N. Grosof
- We introduce Delegation Logic (DL), a logic-based
knowledge representation (i.e., language) that deals
with authorization in large-scale, open, distributed
systems. Of central importance in any system for
deciding whether requests should be authorized in such
a system are delegation of authority, negation of
authority, and conflicts of authority.
|