Recent-secure authentication: enforcing revocation in distributed systems

A general method is described for formally specifying and reasoning about distributed systems with any desired degree of immediacy for revoking authentication. To effect revocation, 'authenticating entities' impose freshness constraints on credentials or authenticated statements made by trusted intermediaries. If fresh statements are not presented, then the authentication is questionable. Freshness constraints are derived from initial policy assumptions and authentic statements made by trusted intermediaries. By adjusting freshness constraints, the delay for certain revocation can be arbitrarily bounded. We illustrate how the inclusion of freshness policies within certificates enables the design of a secure and highly available revocation service. We illustrate the application of the method and new techniques in an example.<<ETX>>

[1]  B. Lampson,et al.  Authentication in distributed systems: theory and practice , 1991, TOCS.

[2]  Morrie Gasser,et al.  An architecture for practical delegation in a distributed system , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Karen R. Sollins,et al.  Cascaded authentication , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[4]  Maurice Herlihy,et al.  Hybrid Concurrency Control for Abstract Data Types , 1991, J. Comput. Syst. Sci..

[5]  Barbara Liskov,et al.  Practical uses of synchronized clocks in distributed systems , 1991, PODC '91.

[6]  John Linn,et al.  Privacy enhancement for Internet electronic mail: Part II - certificate-based key management , 1987, RFC.

[7]  Li Gong,et al.  A security risk of depending on synchronized clocks , 1992, OPSR.

[8]  Judith A. Furlong,et al.  Public Key Infrastructure Study , 1994 .

[9]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[10]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[11]  Morrie Gasser,et al.  The Digital Distributed System Security Architecture , 1989 .

[12]  J.J. Tardo,et al.  SPX: global authentication using public key certificates , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Virgil D. Gligor,et al.  On message integrity in cryptographic protocols , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  Martín Abadi,et al.  A calculus for access control in distributed systems , 1991, TOPL.

[15]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[16]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[17]  Thomas Beth,et al.  Trust-Based Navigation in Distribution Systems , 1994, Comput. Syst..

[18]  B. Clifford Neuman,et al.  Proxy-based authorization and accounting for distributed systems , 1993, [1993] Proceedings. The 13th International Conference on Distributed Computing Systems.

[19]  Virgil D. Gilgor,et al.  On inter-realm authentication in large distributed systems , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[20]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[21]  Li Gong,et al.  Increasing Availability and Security of an Authentication Service , 1993, IEEE J. Sel. Areas Commun..

[22]  Martín Abadi,et al.  Authentication in distributed systems: theory and practice , 1991, SOSP '91.

[23]  S.G. Stubblebine,et al.  Protocol design for integrity protection , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[24]  Steve Kent,et al.  Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management , 1989, RFC.