Language based policy analysis in a SPKI Trust Management System
نویسندگان
چکیده
SPKI/SDSI is a standard for issuing authorization and name certificates. SPKI/SDSI can be used to implement a Trust Management System, where the policy for resource access is distributively specified by multiple trusted entities. Agents in the system need a formal mechanism for understanding the current state of policy. We present a first order temporal logic, called FTPL for specifying properties of a given SPKI/SDSI policy state. We also present algorithms to check if a SPKI/SDSI policy state satisfies a property specified in FTPL.
منابع مشابه
Reducing the Dependence of Trust-Management Systems on PKI
Trust-management systems address the authorization problem in distributed systems by defining a formal language for expressing authorization and access-control policies, and relying on an algorithm to determine when a specific request can be granted. For authorization in distributed systems, trustmanagement systems offer several advantages over other approaches, such as support for delegation a...
متن کاملSecure Authorization for Federated Environments ( SAFE ) Overview and Progress Report
SAFE is an example of declarative trust management. Principals use a declarative language to make statements about one another and about objects in the system. These statements are secure assertions: they are authenticated and the source (speaker) of every statement is tracked. Principals reason from these statements according to policy rules, which are also written in the declarative language....
متن کاملReducing the Dependence of SPKI/SDSI on PKI
Trust-management systems address the authorization problem in distributed systems. They offer several advantages over other approaches, such as support for delegation and making authorization decisions in a decentralized manner. Nonetheless, trust-management systems such as KeyNote and SPKI/SDSI have seen limited deployment in the real world. One reason for this is that both systems require a p...
متن کاملCERIAS Tech Report 2004-03 RTML: A ROLE-BASED TRUST-MANAGEMENT MARKUP LANGUAGE
RT is a framework for Role-based Trust Management [20]. In comparison with systems like SPKI/SDSI and KeyNote, the advantages of RT include: a declarative, logic-based semantic foundation, support for vocabulary agreement, strongly-typed credentials and policies, more flexible delegation structures, and more expressive support for Separation-of-Duty policies. This paper describes advances in th...
متن کاملRTML: A Role-based Trust-management Markup Language
RT is a framework for Role-based Trust Management [20]. In comparison with systems like SPKI/SDSI and KeyNote, the advantages of RT include: a declarative, logic-based semantic foundation, support for vocabulary agreement, strongly-typed credentials and policies, more flexible delegation structures, and more expressive support for Separation-of-Duty policies. This paper describes advances in th...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Journal of Computer Security
دوره 14 شماره
صفحات -
تاریخ انتشار 2006