Mergers and Principals

Gollmann, Dieter

doi:10.1007/3-540-44810-1_2

Dieter Gollmann⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2133))

Included in the following conference series:

International Workshop on Security Protocols

323 Accesses
1 Citations

Abstract

The term ‘principal’ has roots both in computer security and in communications security. We will show that in those two areas principals serve quite different purposes. We also note that the term principal is overloaded in computer security and propose a separation into three different aspects: origin of message, access control rule, and accountable entity. Furthermore, we will defend the merits of extensional security specifications and show that it is not fruitful to expect that security mechanisms can only have one ‘correct’ interpretation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Martín Abadi. On SDSI’s linked local name spaces. Journal of Computer Security, 6:3–21, 1998.
Google Scholar
Andrew D. Birrell, Butler W. Lampson, Roger M. Needham, and Michael D. Schroeder. A global authentication service without global trust. In Proceedings of the 1986 IEEE Symposium on Research in Security and Privacy, pages 223–230, 1986.
Google Scholar
Michael Burrows, Martín Abadi, and Roger Needham. Authentication: A practical study in belief and action. In M. Y. Vardi, editor, Theoretical Aspects of Reasoning About Knowledge, pages 325–342, 1988.
Google Scholar
Michael Burrows, Martín Abadi, and Roger Needham. A logic of authentication. DEC Systems Research Center, Report 39, revised February 22 1990.
Google Scholar
Joan Feigenbaum. Overview of the AT&T Labs trust-management project. In Security Protocols, LNCS 1550, pages 45–50. Springer Verlag, 1998.
Chapter Google Scholar
M. Gasser. The role of naming in secure distributed systems. In Proceedings of the CS’90 Symposium on Computer Security, pages 97–109, Rome, Italy, November 1990.
Google Scholar
M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed system security architecture. In Proceedings of the 1989 National Computer Security Conference, 1989.
Google Scholar
Dieter Gollmann. On the verification of cryptographic protocols-a tale of two committees. In S. Schneider, editor, ENTCS Proceedings of the DERA/RHBNC workshops on Secure Architectures and Information Flow, 1999. Elsevier, 2000. http://www.elsevier.nl/locate/entcs/volume32.html.
Dieter Gollmann. Whither authentication. In M. Roe, editor, Proceedings of the 1999 Cambridge Security Protocols Workshop. Springer Verlag, to appear.
Google Scholar
Li Gong. Inside Java 2 Platform Security. Addison-Wesley, Reading, MA, 1999.
Google Scholar
J. Y. Halpern and R. van der Meyden. A logic for SDSI linked local name spaces. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, pages 111–122, 1999.
Google Scholar
Himanshu Khurana and Virgil D. Gligor. Review and revocation of access privileges distributed with PKI certificates. In this proceedings.
Google Scholar
J. T. Kohl. The evolution of the kerberos authentication service. In Spring 1991 EurOpen Conference, Tromsø, Norway, 1991.
Google Scholar
Butler Lampson, Martín Abadi, Michael Burrows, and Edward Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310, November 1992.
Google Scholar
S. P. Miller, B. C. Neuman, J. I. Schiller, and J. H. Saltzer. Section E.2.1: Kerberos authentication and authorization system. Technical report, MIT Project Athena, Cambridge, MA, 1987.
Google Scholar
Ron Rivest and Butler Lampson. SDSI-a simple distributed security infrastructure. Technical report, 1996. http://theory.lcs.mit.edu/~cis/sdsi.html.
A. W. Roscoe. Intensional specifications of security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 28–38, 1996.
Google Scholar
J. J. Tardo and K. Alagappan. SPX-global authentication using public-key certificates. In Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pages 232–244, 1991.
Google Scholar

Download references

Author information

Authors and Affiliations

Microsoft Research, Cambridge, UK
Dieter Gollmann

Authors

Dieter Gollmann
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Computer Science Department, University of Hertfordshire, Hatfield, AL10 9AB, UK
Bruce Christianson & James A. Malcolm &
Cryptomathic, Corso Svizzera 185, 10149, Torino, Italy
Bruno Crispo
Microsoft Research Ltd., St. George House, 1 Guildhall Street, Cambridge, CB2 3NH, UK
Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Gollmann, D. (2001). Mergers and Principals. In: Christianson, B., Malcolm, J.A., Crispo, B., Roe, M. (eds) Security Protocols. Security Protocols 2000. Lecture Notes in Computer Science, vol 2133. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44810-1_2

Download citation

DOI: https://doi.org/10.1007/3-540-44810-1_2
Published: 20 September 2001
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42566-3
Online ISBN: 978-3-540-44810-5
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics