Understanding SPKI/SDSI using first-order logic

SPKI/SDSI is a language for expressing distributed access control policy, derived from SPKI and SDSI. We provide a first-order logic (FOL) semantics for SDSI, and show that it has several advantages over previous semantics. For example, the FOL semantics is easily extended to additional policy concepts and gives meaning to a larger class of access control and other policy analysis queries. We prove that the FOL semantics is equivalent to the string rewriting semantics used by SDSI designers, for all queries associated with the rewriting semantics. We also provide a FOL semantics for SPKI/SDSI and use it to analyze the design of SPKI/SDSI. This reveals some problems. For example, the standard proof procedure in RFC 2693 is semantically incomplete. In addition, as noted before by other authors, authorization tags in SPKI/SDSI are algorithmically problematic, making a complete proof procedure unlikely. We compare SPKI/SDSI with RT1C, which is a language in the RT Role-based Trust-management framework that can be viewed as an extension of SDSI. The constraint feature of RT1C, based on Constraint Datalog, provides an alternative mechanism that is expressively similar to SPKI/SDSI tags, semantically natural, and algorithmically tractable.
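As an added illustration (not code from the paper) of the two semantics the abstract compares, the following evaluates a set of SDSI name certificates first by string rewriting and then by a Datalog-style first-order translation, and checks that both answer the same membership query identically. The keys, identifiers and certificates are constructed; a cert K A -> K1 B1 ... Bn is translated into the clause m(K,A,z) :- m(K1,B1,y1), ..., m(y_{n-1},Bn,z), the usual Datalog encoding of SDSI local names.

```python
# Constructed sample certificates (fictitious keys KA..KE). A cert
# "K A -> S" is the triple (K, A, S) with S a tuple of tokens.
CERTS = [
    ("KA", "friends", ("KB",)),                  # KA friends -> KB
    ("KA", "friends", ("KB", "friends")),        # KA friends -> KB friends
    ("KB", "friends", ("KC",)),                  # KB friends -> KC
    ("KB", "friends", ("KC", "team", "lead")),   # KB friends -> KC team lead
    ("KC", "team", ("KD",)),                     # KC team -> KD
    ("KD", "lead", ("KE",)),                     # KD lead -> KE
]

def rewrite_members(certs, name):
    """String-rewriting semantics: a cert K A -> S rewrites any name string
    that begins with 'K A' by replacing that prefix with S. Keys reached as
    one-token strings are the members. Naive enumeration of strings need
    not terminate when a body lengthens the string (e.g. K A -> K A B)."""
    start = tuple(name)
    seen, frontier, members = {start}, [start], set()
    while frontier:
        s = frontier.pop()
        if len(s) == 1:
            members.add(s[0])
            continue
        for k, a, body in certs:
            if (k, a) == s[:2]:
                t = body + s[2:]
                if t not in seen:
                    seen.add(t)
                    frontier.append(t)
    return members

def _chain(facts, name):
    """Evaluate a name string against ground facts m(K, A, X) by following
    its identifiers left to right; this is the body of the translated clause
    m(K,A,z) :- m(K1,B1,y1), m(y1,B2,y2), ..., m(y_{n-1},Bn,z)."""
    heads = {name[0]}
    for ident in name[1:]:
        heads = {z for (x, b, z) in facts if b == ident and x in heads}
    return heads

def datalog_members(certs, name):
    """FOL/Datalog semantics: m(K, A, X) means X is a member of local name
    K A. Each cert is one clause; the least fixpoint is computed by naive
    iteration, which terminates since only finitely many ground facts exist."""
    facts = set()
    while True:
        new = facts | {(k, a, z) for k, a, body in certs
                       for z in _chain(facts, body)}
        if new == facts:
            return _chain(facts, tuple(name))
        facts = new
```

For the sample certificates both readings give {KB, KC, KE} for "KA friends" and {KD} for the compound name "KA friends team".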
