Analysis of SPKI/SDSI Certificates Using Model Checking
SPKI/SDSI is a framework for expressing naming and authorization issues that arise in a distributed-computing environment. In this paper, the authors establish a connection between SPKI/SDSI and a formalism known as Pushdown Systems (PDSs). They show that the SPKI/SDSI-to-PDS connection provides a framework for formalizing a variety of certificate-analysis problems. Moreover, the connection has computational significance: Many analysis problems can be solved efficiently (i.e., In time polynomial in the size of the certificate set) using existing algorithms for model checking pushdown systems.