next up previous
Next: Introduction

Design of an Application-Level Security Infrastructure

Carl A. Gunter and Trevor Jim[*]
University of Pennsylvania


We propose a security infrastructure based on authenticated data distribution , implemented via the automatic management of queries and certificates. This approach is appropriate for an infrastructure to be used by application programmers, because they are not experts in cryptographic algorithms or security protocols. Our query certificate managers hide the use of cryptography and message sending from the programmer, and hence prevent programmer errors that could lead to security failures. The system has a formal semantics and correctness guarantees.