Abstract | ||
---|---|---|
One of the main aims of certificate based Public Key Infrastructure (PKI) is to provide authentication in distributed systems. Through its functions, PKI authentication can be viewed as a re-usable component that can be integrated with other systems to offer strong authentication, scalability, and mobility, particularly for large organizations. PKI has been used to describe authentication in various types of applications ranging from e-commerce and web services applications to large scale systems such as Grid computing. This paper presents a formal approach for modeling certificate based PKI authentication. The approach makes use of two complementary models: one is state-based, described in Z, and the other is event-based, expressed in the Process Algebra of Hoare's Communicating Sequential Processes (CSP). The former will be used to capture the state of PKI key components used in the authentication process, the relationships between them, and model ''back-end'' operations on these components. Whereas the latter, CSP, will be used to model behavior, and in particular, ''front-end'' interactions and communications. Only when this authentication mechanism is properly formulated, reasoning about its correctness, vulnerabilities and usability can be scrutinized and possibly aided by automation. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1016/j.entcs.2009.03.005 | Electr. Notes Theor. Comput. Sci. |
Keywords | Field | DocType |
csp,pki authentication,complementary model,formal approach,formal modelling,authentication,strong authentication,distributed systems,security,authentication process,model behavior,pki key component,large organization,formal methods,correctness,large scale system,z,authentication mechanism,formal method,process algebra,front end,web service,public key infrastructure,e commerce,distributed system,grid computing | Public key infrastructure,Lightweight Extensible Authentication Protocol,Authentication,Generic Bootstrapping Architecture,Computer science,Computer security,Communicating sequential processes,Theoretical computer science,Authentication protocol,Strong authentication,Process calculus,Distributed computing | Journal |
Volume | ISSN | Citations |
235, | Electronic Notes in Theoretical Computer Science | 3 |
PageRank | References | Authors |
0.54 | 9 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ali Nasrat Haidar | 1 | 71 | 6.03 |
Ali E. Abdallah | 2 | 123 | 22.10 |