Analysis of SPKI/SDSI certificates using model checking

SPKI/SDSI is a framework for expressing naming and authorization issues that arise in a distributed-computing environment. We establish a connection between SPKI/SDSI and a formalism known as pushdown systems (PDSs). We show that the SPKI/SDSI-to-PDS connection provides a framework for formalizing a variety of certificate-analysis problems. Moreover, the connection has computational significance: many analysis problems can be solved efficiently (i.e., in time polynomial in the size of the certificate set) using existing algorithms for model checking pushdown systems.
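As an added illustration (not code from the paper), the following makes the SPKI/SDSI-to-PDS connection concrete under the encoding assumed here: a name certificate K A -> K' B1..Bn is the pushdown rule <K, A> -> <K', B1..Bn>, an authorization certificate is a rule on a marker symbol that records whether delegation is permitted, and the standard pre* saturation algorithm of Bouajjani, Esparza and Maler then answers name-resolution and authorization queries in time polynomial in the certificate set. All keys, names and certificates are constructed for the example.

```python
from collections import defaultdict

BOX, BLACK = "[]", "[#]"  # authorization tags: may delegate / may not delegate

# Constructed certificates (hypothetical keys and names). A name cert K A -> K' B1..Bn
# is the PDS rule <K, A> -> <K', B1..Bn>: control location = key, stack = names to resolve.
NAME_CERTS = [
    ("K_alice", "friends", ("K_bob",)),
    ("K_alice", "friends", ("K_bob", "friends")),              # linked local name
    ("K_bob",   "friends", ("K_carol",)),
    ("K_carol", "friends", ("K_dave",)),
    ("K_alice", "team",    ("K_alice", "friends", "friends")),
    ("K_eve",   "friends", ("K_eve", "friends")),              # cycle, no key: denotes nothing
]
# An auth cert (issuer, subject name, may_delegate) is <K, BOX> -> <K1, A1..An BOX> when
# delegation is permitted and <K, BOX> -> <K1, A1..An BLACK> otherwise.
AUTH_CERTS = [
    ("K_alice", ("K_alice", "friends"), True),
    ("K_carol", ("K_dave",), False),
    ("K_dave",  ("K_eve",), True),              # K_dave only holds BLACK, so this cannot extend K_alice's grant
]
RULES = ([(k, a, (s[0], s[1:])) for k, a, s in NAME_CERTS]
         + [(k, BOX, (s[0], s[1:] + (BOX if d else BLACK,))) for k, s, d in AUTH_CERTS])

def run(trans, states, word):
    """States of the P-automaton reached from `states` by reading `word`."""
    for sym in word:
        states = {q for s in states for q in trans[(s, sym)]}
    return states

def prestar(trans):
    """pre* saturation: add p --g--> q whenever <p,g> -> <p',w> is a rule and p' --w-->* q."""
    changed = True
    while changed:                      # finitely many transitions exist, so this terminates
        changed = False
        for p, g, (p2, w) in RULES:
            for q in run(trans, {p2}, w) - trans[(p, g)]:
                trans[(p, g)].add(q)
                changed = True
    return trans

def resolve(key, *names):
    """Keys the name 'key names...' denotes: <K,w> ==>* <K',eps> iff K --w-->* K' after saturation."""
    return sorted(run(prestar(defaultdict(set)), {key}, names))

def authorized(issuer, principal):
    """True iff <issuer, BOX> ==>* <principal, BOX> or <principal, BLACK>."""
    trans = defaultdict(set, {(principal, BOX): {"acc"}, (principal, BLACK): {"acc"}})
    return "acc" in run(prestar(trans), {issuer}, (BOX,))
```

The cyclic certificate for K_eve shows why saturation over a finite automaton, rather than enumeration of configurations, is what makes the analysis terminate.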
