A logic for SDSI's linked local name spaces: preliminary version

M. Abadi (1998) has introduced a logic to explicate the meaning of local names in SDSI, the simple distributed security infrastructure proposed by Rivest and Lampson. Abadi's logic does not correspond precisely to SDSI, however, it draws conclusions about local names that do not follow from SDSI's name resolution algorithm. Moreover its semantics is somewhat unintuitive. This paper presents the logic of local name containment, which does not suffer from these deficiencies. It has a clear semantics and provides a tight characterization of SDSI name resolution. The semantics is shown to be closely related to that of logic programs, leading to an approach to the efficient implementation of queries concerning local names. A complete axiomatization of the logic is also provided.

[1]  Ronald Fagin,et al.  Reasoning about knowledge , 1995 .

[2]  B. Lampson,et al.  Authentication in distributed systems: theory and practice , 1991, TOCS.

[3]  Joseph Y. Halpern,et al.  Naming and Identity in Epistemic Logics Part I: The Propositional Case , 1993, J. Log. Comput..

[4]  Joseph Y. Halpern,et al.  A Logic for SDSI's Linked Local Name Spaces , 2001, J. Comput. Secur..

[5]  J. Lloyd Foundations of Logic Programming , 1984, Symbolic Computation.

[6]  Liz Sonenberg,et al.  Fixed Point Theorems and Semantics: A Folk Tale , 1982, Inf. Process. Lett..

[7]  Ronald L. Rivest,et al.  SDSI - A Simple Distributed Security Infrastructure , 1996 .

[8]  Jeffrey D. Ullman,et al.  Principles of Database and Knowledge-Base Systems, Volume II , 1988, Principles of computer science series.

[9]  Martín Abadi,et al.  On SDSI's linked local name spaces , 1997, Proceedings 10th Computer Security Foundations Workshop.

[10]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[11]  Joseph Y. Halpern,et al.  Knowledge and common knowledge in a distributed environment , 1984, JACM.

[12]  Martín Abadi,et al.  A Calculus for Access Control in Distributed Systems , 1991, CRYPTO.

[13]  Robert A. Kowalski,et al.  The Semantics of Predicate Logic as a Programming Language , 1976, JACM.