The distribution and revocation of public-key certificates are essential aspects of secure digital communication. As a first step towards a methodology for the development of reliable models, we present a formalism for the specification and reasoning about the distribution and revocation of public keys, based on graphs. The model is distributed in nature; each entity can issue certificates for public keys that it knows, and distribute these to other entities. Each entity has its own public key bases and can derive new certificates from this knowledge. If some of the support for the derived knowledge is revoked, then some of the derived certificates may be revoked as well. Cyclic support is avoided. Graph transformation rules are used for the management of the certificates, and we prove soundness and completeness for our model. © 2010 Springer-Verlag.
A Model for Distribution and Revocations of Certificates / A., Hagstrom; PARISI PRESICCE, Francesco. - STAMPA. - 6372:(2010), pp. 314-329. (Intervento presentato al convegno 5th International Conference on Graph Transformations, ICGT 2010 tenutosi a Enschede, NL nel September 27 - October 2, 2010) [10.1007/978-3-642-15928-2_21].
A Model for Distribution and Revocations of Certificates
PARISI PRESICCE, Francesco
2010
Abstract
The distribution and revocation of public-key certificates are essential aspects of secure digital communication. As a first step towards a methodology for the development of reliable models, we present a formalism for the specification and reasoning about the distribution and revocation of public keys, based on graphs. The model is distributed in nature; each entity can issue certificates for public keys that it knows, and distribute these to other entities. Each entity has its own public key bases and can derive new certificates from this knowledge. If some of the support for the derived knowledge is revoked, then some of the derived certificates may be revoked as well. Cyclic support is avoided. Graph transformation rules are used for the management of the certificates, and we prove soundness and completeness for our model. © 2010 Springer-Verlag.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
