Consumable Credentials in Logic-Based Access-Control Systems

Proceedings of the Symposium on Network and Distributed System Security, NDSS 2007

Volumn , Issue , 2007, Pages

  Bowers, Kevin D ^a   Bauer, Lujo ^a   Garg, Deepak ^a   Pfenning, Frank ^a   Reiter, Michael K ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

AUTHORIZATION; COMPUTATION THEORY; COMPUTER CIRCUITS; DISTRIBUTED COMPUTER SYSTEMS; NETWORK SECURITY;

ACCESS CONTROL LOGIC; ACCESS CONTROL SYSTEMS; AUTHORIZATION SYSTEMS; CONSUMABLES; DESIGN AND IMPLEMENTS; DESIGN MECHANISMS; DISTRIBUTED AUTHORIZATION; DISTRIBUTED SYSTEMS; IMPLEMENT MECHANISMS; MISBEHAVIOUR;

UBIQUITOUS COMPUTING;

EID: 80052494019     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (49)

1. M. Abadi. On SDSI’s linked local name spaces. Journal of Computer Security, 6(1–2):3–21, Oct. 1998.
2. M. Abadi, M. Burrows, B. Lampson, and G. D. Plotkin. A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems, 15(4):706–734, Sept. 1993.
3. M. Abadi, E. Wobber, M. Burrows, and B. Lampson. Authentication in the Taos Operating System. In Proceedings of the 14th ACM Symposium on Operating System Principles, pages 256–269, Dec. 1993.
4. A. W. Appel and E. W. Felten. Proof-carrying authentication. In Proceedings of the 6th ACM Conference on Computer and Communications Security, pages 52–62, 1999.
5. D. Balfanz, D. Dean, and M. Spreitzer. A security infrastructure for distributed java applications. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, pages 15–26, 2000.
6. L. Bauer. Access Control for the Web via Proof-carrying Authorization. PhD thesis, Princeton University, Nov. 2003.
7. L. Bauer, K. D. Bowers, F. Pfenning, and M. K. Reiter. Consumable credentials in logic-based access control. Technical Report CMU-CyLab-06-002, Carnegie Mellon University, Feb 2006.
8. L. Bauer, S. Garriss, J. M. McCune, M. K. Reiter, J. Rouse, and P. Rutenbar. Device-enabled authorization in the Grey system. In Proceedings of the 8th Information Security Conference, pages 431–445, Sept. 2005.
9. L. Bauer, S. Garriss, and M. K. Reiter. Distributed proving in access-control systems. In Proceedings of the 2005 IEEE Symposium on Security and Privacy, pages 81–95, May 2005.
10. L. Bauer, M. A. Schneider, and E. W. Felten. A general and flexible access-control system for the Web. In Proceedings of the 11th USENIX Security Symposium, pages 93–108, 2002.
11. B. Baum-Waidner. Optimistic asynchronous multi-party contract signing with reduced number of rounds. In Proceedings of the 28th International Colloquium on Automata, Languages and Programming, pages 898–911, 2001.
12. B. Baum-Waidner and M. Waidner. Round-optimal and abuse free optimistic multi-party contract signing. In Proceedings of the 27th International Colloquium on Automata, Languages and Programming, pages 524–535, 2000.
13. M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, E. V. Herreweghen, and M. Waidner. Design, implementation, and deployment of the iKP secure electronic payment system. IEEE Journal on Selected Areas in Communications, 18(4):611–627, Apr 2000.
14. M. Ben-Or, O. Goldreich, S. Micali, and R. L. Rivest. A fair protocol for signing contracts. IEEE Transactions on Information Theory, 36(1):40–46, 1990.
15. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The KeyNote trust-management system, version 2. Request For Comments (RFC) 2704, Sept. 1999.
16. M. Blum, A. DeSantis, S. Micali, and G. Persiano. Non-interactive zero-knowledge. SIAM Journal of Computing, 20(6):1084–1118, 1991.
17. D. F. C. Brewer and M. J. Nash. The Chinese wall security policy. In Proceedings of the IEEE Symposium on Security and Privacy, pages 206–214, 1989.
18. M. Burrows, M. Abadi, and R. Needham. A logic of authentication. ACM Transactions on Computer Systems, 8(1):18–36, 1990.
19. J. G. Cederquist, R. J. Corin, M. A. C. Dekker, S. Etalle, J. I. den Hartog, and G. Lenzini. The audit logic: Policy compliance in distributed systems. Technical Report TR-CTIT-06-33, Centre for Telematics and Information Technology, University of Twente, 2006.
20. R. Chadha, S. Kramer, and A. Scedrov. Formal analysis of multi-party contract signing. In Proceedings of the 17th IEEE Computer Security Foundations Workshop, pages 266–279, 2004.
21. A. H. Chan, Y. Frankel, and Y. Tsiounis. Easy come - easy go divisible cash. In Advances in Cryptology - Proceedings of Eurocrypt’98, pages 561–575, 1998.
22. D. Chaum. Blind signatures for untraceable payments. In Advances in Cryptology, Proceedings of Crypto’82, pages 199–203. 1983.
23. D. Chaum. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10):1030–1044, 1985.
24. D. Chaum. Online cash checks. In Advances in Cryptology, Proceedings of Eurocrypt’89, pages 288–293, 1990.
25. D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In Advances in Cryptology, Proceedings of Crypto’88, pages 319–327, 1990.
26. D. E. Clarke, J.-E. Elien, C. M. Ellison, M. Fredette, A. Morcos, and R. L. Rivest. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security, 9(4):285–322, 2001.
27. T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithm. IEEE Transactions on Information Theory, 31:465–472, 1985.
28. J. A. Garay, M. Jakobsson, and P. MacKenzie. Abuse-free optimistic contract signing. In Advances in Cryptology, Proceedings of Crypto’99, pages 449–466, 1999.
29. J. A. Garay and P. D. MacKenzie. Abuse-free multiparty contract signing. In Proceedings of the 13th International Symposium on Distributed Computing, pages 151–165, 1999.
30. D. Garg, L. Bauer, K. D. Bowers, F. Pfenning, and M. K. Reiter. A linear logic of authorization and knowledge. In Proceedings of the 11th European Symposium on Research in Computer Security, pages 297–312, Sept. 2006.
31. D. Garg and F. Pfenning. Non-interference in constructive authorization logic. In Proceedings of the 19th IEEE Computer Security Foundations Workshop, pages 283–296, 2006.
32. J.-Y. Girard. Linear logic. Theoretical Computer Science, 50:1–102, 1987.
33. J. Y. Halpern and R. van der Meyden. A logic for SDSI’s linked local name spaces. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, pages 111–122, June 1999.
34. J. Y. Halpern and R. van der Meyden. A logical reconstruction of SPKI. In Proceedings of the 14th IEEE Computer Security Foundations Workshop, pages 59 – 70, 2001.
35. J. Y. Halpern and V. Weissman. Using first-order logic to reason about policies. In Proceedings of the 16th IEEE Computer Security Foundations Workshop, pages 187 – 201, June 2003.
36. J. Howell. Naming and sharing resources across administrative boundaries. PhD thesis, Dartmouth College, May 2000.
37. J. Howell and D. Kotz. A formal semantics for SPKI. In Proceedings of the 6th European Symposium on Research in Computer Security, pages 140–158, 2000.
38. B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310, Nov. 1992.
39. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation logic: a logic-based approach to distributed authorization. ACM Transactions on Information and Systems Security, 6(1):128–171, Feb. 2003.
40. N. Li and J. C. Mitchell. Understanding SPKI/SDSI using first-order logic. In Proceedings of the 16th IEEE Computer Security Foundations Workshop, pages 89–103, June 2003.
41. N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 114–130, May 2002.
42. P. López, F. Pfenning, J. Polakow, and K. Watkins. Monadic concurrent linear logic programming. In Proceedings of the 7th International Symposium on Principles and Practice of Declarative Programming, pages 35–46, July 2005.
43. G. C. Necula. Proof-carrying code. In Proceedings of the 24th ACM Symposium on Principles of Programming Languages, pages 106–119, Jan. 1997.
44. T. Okamoto and K. Ohta. Universal electronic cash. In Advances in Cryptoloty, Proceedings of Crypto’91, pages 324–337. 1992.
45. B. Pfitzmann and M. Waidner. How to break and repair a “provably secure” untraceable payment system. In Advances in Cryptoloty, Proceedings of Crypto’91, pages 338–350. 1992.
46. SET Secure Electronic Transaction LLC. The SET Standard Specification, May 1997.
47. D. R. Simon. Anonymous communication and anonymous cash. In Advances in Cryptology, Proceedings of Crypto’96, pages 61–73, 1996.
48. M. Sirbu and J. D. Tygar. Netbill: An internet commerce system optimized for network delivered services. In Proceedings of the 40th IEEE Computer Society International Conference, pages 20 – 25, 1995.
49. H. Tewari, D. O’Mahony, and M. Peirce. Reusable off-line electronic cash using secret splitting. Technical report, Trinity College, 1998.