Skip to main content
SpringerLink
Log in

Regular SPKI

  • Conference paper
Security Protocols (Security Protocols 2003)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3364))

Included in the following conference series:

Abstract

SPKI is a certificate-based framework for authorisation in distributed systems. The SPKI framework is extended by an iteration construct, essentially Kleene star, to express constraints on delegation chains. Other possible applications, not explored in the paper, include multidomain network routing path constraints. The main decision problems for the extended language are shown to correspond to regular language membership and containment respectively. To support an efficient decision algorithm in both cases we give a sound and complete inference system for a fragment of the language which is decidable in polynomial time. We finally show how to use the extended syntax to represent constrained delegation in SPKI.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bandmann, O., Dam, M.: A note on SPKI’s authorisation syntax. In: Proc. 1st Annual PKI Research Workshop (2002)

    Google Scholar 

  2. Bandmann, O., Dam, M., Sadighi Firozabadi, B.: Constrained delegation. In: Proc. 23rd Annual Symp. on Security and Privacy (2002)

    Google Scholar 

  3. Clarke, D., Elien, J.-E., Ellison, C., Fredette, M., Morcos, A., Rivest, R.L.: Certificate chain discovery in spki/sdsi. Journal of Computer Security 9, 285–322 (2001)

    Google Scholar 

  4. Ellison, C.M., Frantz, B., Lampson, B., Rivest, R., Thomas, B.M., Ylonen, T.: SPKI Certificate Theory. RFC 2693, expired (1999), ftp://ftp.isi.edu/in-notes/rfc2693.txt

  5. Jha, S., Reps, T.: Analysis of SPKI/SDSI certificates using model checking. In: Proc. IEEE Computer Security Foundations Workshop, pp. 129–146 (2002)

    Google Scholar 

  6. Kozen, D.: Results on the propositional mu-calculus. Theoretical Computer Science 27, 333–354 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  7. Rivest, R.: S-expressions, Internet Draft, expired (May 1997), http://theory.lcs.mit.edu/~rivest/sexp.txt

Download references

Author information

Authors and Affiliations

  1. LECS/IMIT, Royal Institute of Technology (KTH), KTH Electrum 229, SE–164 40, Kista, Sweden

    Mads Dam

Authors
  1. Mads Dam
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Systems Group, Vrije Universiteit, Amsterdam, The Netherlands

    Bruno Crispo

  2. Georgia Institute of Technology, Atlanta, GA

    James A. Malcolm

  3. Microsoft Research, Cambridge, UK

    Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Dam, M. (2005). Regular SPKI. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_18

Download citation

  • DOI: https://doi.org/10.1007/11542322_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28389-8

  • Online ISBN: 978-3-540-31836-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation