Invited Paper: Using Signed Formulas for Online Certification

Stabilization, Safety, and Security of Distributed Systems (SSS 2024)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14931)

Abstract

Certifying software-based systems is a time-consuming and expensive task that requires much manual human effort. We introduce Online Certification, a partly automated version of the certification process, where participants provide the necessary information dynamically. All information is cryptographically signed to ensure integrity and authorization, and a system of certificates allows for fine-grained delegation of competencies. The requirements for certification, as well as the information needed to fulfill them, are represented in a subset of first-order logic. Consequently, validation is performed using automated logic reasoning. Compared to existing approaches, Online Certification enhances flexibility and agility. In cases where automatic generation of certification data is not possible, human certification processes can be integrated.
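A toy model of the pipeline the abstract describes, added here as an illustration and not taken from the paper or its implementation: signed ground atoms, delegation certificates that grant competence over a single predicate, and forward chaining over Horn rules. The principals, the predicate names, the `may_assert` certificate form and the use of HMAC in place of public-key signatures are all assumptions.

```python
import hashlib, hmac, json

# Constructed keys. HMAC stands in for the public-key signatures a real system would use.
KEYS = {"root": b"k-root", "auditor": b"k-aud", "ci": b"k-ci", "mallory": b"k-mal"}
# Hypothetical requirement as a Horn rule: certified(X) :- tests_passed(X), reviewed(X)
RULES = [("certified", ["tests_passed", "reviewed"])]

def _tag(signer, atom):
    msg = json.dumps(list(atom)).encode()
    return hmac.new(KEYS.get(signer, b""), msg, hashlib.sha256).hexdigest()

def sign(signer, atom):
    """Return a signed ground atom such as ("tests_passed", "app-1.2")."""
    return {"signer": signer, "atom": tuple(atom), "sig": _tag(signer, atom)}

def verified(stmt):
    """Integrity: known signer, and the signature matches the atom."""
    return stmt["signer"] in KEYS and hmac.compare_digest(
        _tag(stmt["signer"], stmt["atom"]), stmt["sig"])

def competent(signer, pred, certs, seen=()):
    """Authorization: root may assert anything; everyone else needs a chain of
    valid may_assert(subject, predicate) certificates leading back to root."""
    if signer == "root":
        return True
    return any(verified(c) and c["atom"] == ("may_assert", signer, pred)
               and c["signer"] not in seen  # refuse cyclic or self-issued chains
               and competent(c["signer"], pred, certs, seen + (signer,))
               for c in certs)

def validate(statements, certs, goal):
    """Keep only verified, authorized atoms, then forward-chain RULES to a fixpoint."""
    facts = {s["atom"] for s in statements
             if verified(s) and competent(s["signer"], s["atom"][0], certs)}
    changed = True
    while changed:
        changed = False
        for head, body in RULES:
            for subj in {a[1] for a in facts}:
                if (head, subj) not in facts and all((p, subj) in facts for p in body):
                    facts.add((head, subj))
                    changed = True
    return goal in facts

# Constructed delegation chain: root -> auditor (both predicates), auditor -> ci (tests only).
CERTS = [sign("root", ("may_assert", "auditor", "reviewed")),
         sign("root", ("may_assert", "auditor", "tests_passed")),
         sign("auditor", ("may_assert", "ci", "tests_passed"))]
GOOD = [sign("ci", ("tests_passed", "app-1.2")), sign("auditor", ("reviewed", "app-1.2"))]
```

`validate(GOOD, CERTS, ("certified", "app-1.2"))` succeeds, while the same claim fails if `ci` signs the `reviewed` atom, because its delegated competence covers `tests_passed` only.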

This work has received support by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation)—project number 389792660—TRR 248—CPEC, see https://perspicuous-computing.science.

Corresponding author

Correspondence to Julius Wenzel.

Copyright information

© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Wenzel, J., Berg, A., Fetzer, C. (2025). Invited Paper: Using Signed Formulas for Online Certification. In: Masuzawa, T., Katayama, Y., Kakugawa, H., Nakamura, J., Kim, Y. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2024. Lecture Notes in Computer Science, vol 14931. Springer, Cham. https://doi.org/10.1007/978-3-031-74498-3_5

  • DOI: https://doi.org/10.1007/978-3-031-74498-3_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-74497-6

  • Online ISBN: 978-3-031-74498-3

  • eBook Packages: Computer Science, Computer Science (R0)
