#### DMCA

## Proof-Carrying Authentication (1999)

### Cached

### Download Links

- [www.cs.princeton.edu]
- [www.princeton.edu]
- DBLP

### Other Repositories/Bibliography

Venue: | In Proceedings of the 6th ACM Conference on Computer and Communications Security |

Citations: | 202 - 6 self |

### Citations

1714 | The Definition of Standard ML.
- Milner, Tofte, et al.
- 1997
(Show Context)
Citation Context ...The logical inference rules are specified in 46 lines, excluding rules for arithmetic, which can be specified in another dozen or so. The Twelf proof-checker itself [13] is implemented in Standard ML =-=[8]-=-: the parser is 2549 lines of commented code, and the proofchecking algorithm is 1540 lines. The parser need not be considered part of the trusted computing base, since a broken parser cannot 11 contr... |

1240 | Proof-carrying code
- Necula
- 1997
(Show Context)
Citation Context ...eneral algorithm for producing proofs of all true statements. Still, a server presented with a request must be able to figure out what to do. We solve this problem by analogy with proof-carrying code =-=[9]-=-: the client desiring access must construct a proof, and the server will simply check that proof. Even in an undecidable logic, proof checking can be simple and efficient. We put the burden of proof o... |

1024 | Decentralized trust management. In:
- Blaze, Feigenbaum, et al.
- 1996
(Show Context)
Citation Context ...using digital certificates. SPKI [4] and SDSI [14] (since merged under the joint name SPKI) were reactions to the perceived complexity of X.509; in both cases the ‘S’ stands for ‘simple.’ PolicyMaker =-=[3]-=- is a language for expressing security policies; it can be applied to distributed security policies. Kerberos [12], unlike the other frameworks, uses symmetric-key encryption to authenticate users. Ea... |

794 | A framework for defining logics
- Harper, Honsell, et al.
- 1993
(Show Context)
Citation Context ... server, so there must be a machine-readable and -checkable notation for theorem and proof. We use a higher-order logic implemented in Twelf [13], an implementation of the Edinburgh Logical Framework =-=[5]-=-. Research in proof-carrying code [11] has shown that the Logical Framework (LF) is an excellent notation for explicit proofs that are to be transmitted and then checked with a minimal trusted computi... |

515 | Authentication in Distributed Systems: Theory and Practice.
- Lampson, Abadi, et al.
- 1992
(Show Context)
Citation Context ...authentication frameworks exist; we mention a few here as examples. The Taos operating system provided support for secure remote procedure call and data structures to represent authority and identity =-=[6]-=-. X.509 [15] is a widely-used standard for expressing and using digital certificates. SPKI [4] and SDSI [14] (since merged under the joint name SPKI) were reactions to the perceived complexity of X.50... |

485 |
Kerberos: An Authentication Service for Computer Networks,
- Neuman, Ts’o
- 1994
(Show Context)
Citation Context ... perceived complexity of X.509; in both cases the ‘S’ stands for ‘simple.’ PolicyMaker [3] is a language for expressing security policies; it can be applied to distributed security policies. Kerberos =-=[12]-=-, unlike the other frameworks, uses symmetric-key encryption to authenticate users. Each framework has a differerent semantics and offers a different kind of flexibility. Formal logic has been used su... |

432 | A calculus for access control in distributed systems.
- Abadi, Burrows, et al.
- 1993
(Show Context)
Citation Context ...offers a different kind of flexibility. Formal logic has been used successfully to explain authentication frameworks and protocols, most notably in the design of the Taos distributed operating system =-=[1, 6]-=-. The designers of Taos started by constructing an elegant and expressive logic of authentication as an extension of propositional calculus. They proved this logic sound — any provable statement is tr... |

357 | System description: Twelf – a meta-logical framework for deductive systems.
- Pfenning, Schürmann
- 1999
(Show Context)
Citation Context ...oduced by the client requesting services and checked by the server, so there must be a machine-readable and -checkable notation for theorem and proof. We use a higher-order logic implemented in Twelf =-=[13]-=-, an implementation of the Edinburgh Logical Framework [5]. Research in proof-carrying code [11] has shown that the Logical Framework (LF) is an excellent notation for explicit proofs that are to be t... |

354 | SDSI: A Simple Distributed Security Infrastructure. http: //research.microsoft.com/en-us/um/ people/blampson/59-sdsi/webpage.html,
- Rivest, Lampson
- 1996
(Show Context)
Citation Context ...ort for secure remote procedure call and data structures to represent authority and identity [6]. X.509 [15] is a widely-used standard for expressing and using digital certificates. SPKI [4] and SDSI =-=[14]-=- (since merged under the joint name SPKI) were reactions to the perceived complexity of X.509; in both cases the ‘S’ stands for ‘simple.’ PolicyMaker [3] is a language for expressing security policies... |

150 | Compiling with proofs
- NECULA
- 1998
(Show Context)
Citation Context ...eadable and -checkable notation for theorem and proof. We use a higher-order logic implemented in Twelf [13], an implementation of the Edinburgh Logical Framework [5]. Research in proof-carrying code =-=[11]-=- has shown that the Logical Framework (LF) is an excellent notation for explicit proofs that are to be transmitted and then checked with a minimal trusted computing base. The algorithm for checking LF... |

62 | Efficient representation and validation of proofs.
- Necula, Lee
- 1998
(Show Context)
Citation Context ...rn out to be helpful in structuring the proof, they can be represented in a very reasonable size, as the table shows. These numbers are gross overestimates of what can be achieved in practice; Necula =-=[10]-=- has shown methods of reducing the redundancy in LF proofs and cutting their size by large factors. Some servers – such as programmable disk controllers or active-network routers – are so specialized ... |

4 |
ITU-T Recommendation X.509, The Directory: Authentication Framework
- Union
- 1997
(Show Context)
Citation Context ...ion frameworks exist; we mention a few here as examples. The Taos operating system provided support for secure remote procedure call and data structures to represent authority and identity [6]. X.509 =-=[15]-=- is a widely-used standard for expressing and using digital certificates. SPKI [4] and SDSI [14] (since merged under the joint name SPKI) were reactions to the perceived complexity of X.509; in both c... |