Presentation is loading. Please wait.

Presentation is loading. Please wait.

KeyNote Presentation KeyNote. Vishwas Patil, TIFR.2/10 KeyNote: “?”  Aim:- A notation for specifying local security policies and security credentials.

Published byTheodora McDaniel Modified over 9 years ago

Similar presentations

Presentation on theme: "KeyNote Presentation KeyNote. Vishwas Patil, TIFR.2/10 KeyNote: “?”  Aim:- A notation for specifying local security policies and security credentials."— Presentation transcript:

1 KeyNote Presentation KeyNote

2 Vishwas Patil, TIFR.2/10 KeyNote: “?”  Aim:- A notation for specifying local security policies and security credentials that can be sent over an untrusted network.

3 KeyNote Presentation Vishwas Patil, TIFR.3/10 KeyNote: versus PolicyMaker  KeyNote predicate notations are based on C-like expressions and regular expressions.  KeyNote assertions always return a boolean.  It has built-in credential signature verification.  Human-readable assertion syntax (RFC 822).  Trusted actions are described by simple attribute/value pair. But it is similar in spirit to that of PolicyMaker!

4 KeyNote Presentation Vishwas Patil, TIFR.4/10 KeyNote: Approach  KeyNote accepts as input a set of local policy assertions, a collection of credential assertions, and a collection of attributes ( action environment ) that describes a proposed trusted action associated with a set of public-keys.  By applying assertion predicates to the environment it decides consistency of actions with local policy.

5 KeyNote Presentation Vishwas Patil, TIFR.5/10 KeyNote: Architecture  KeyNote is monotonic; adding an assertion to a query can never result in a query's having a lower compliance value that it would have had without the assertion.  Removing an assertion never results in increasing the compliance value returned by KeyNote for a given query.  The monotonicity property can simplify the design and analysis of complex network- based security protocols.

6 KeyNote Presentation Vishwas Patil, TIFR.6/10 KeyNote: Architecture Continued  KeyNote does not itself provide credential revocation services.  KeyNote compliance checker helps in verifying (signature) the credentials received from untrusted requestor.

7 KeyNote Presentation Vishwas Patil, TIFR.7/10

8 KeyNote Presentation Vishwas Patil, TIFR.8/10 Keynote: Basic Syntax structure  A KeyNote assertion contains a sequence of sections, called fields, each of which specifies one aspect of the assertion's semantics.  Fields start with an identifier at the beginning of a line and continue until the next field is encountered. :: ? ? ? ? ? ? ; [X]* means zero or more repetitions of character string X. [X]+ means one or more repetitions of X. * means zero or more repetitions of non-terminal. + means one or more repetitions of X. ? means zero or one repetitions of X.  Nonterminal grammar symbols are enclosed in angle brackets.  Quoted strings in grammar productions represent terminals.  All KeyNote assertions are encoded in ASCII.

9 KeyNote Presentation Vishwas Patil, TIFR.9/10 KeyNote: Semantics  Informally, the semantics of KeyNote evaluation can be thought of as involving the construction of a directed graph of KeyNote assertions rooted at a POLICY assertion that connects with at least one of the principals that requested the action.  Semantics are almost similar to PolicyMaker.  RFC 2704 gives detailed description of the semantics.

10 KeyNote Presentation Vishwas Patil, TIFR.10/10 KeyNote: Discussion  Advantages / Disadvantages  Evaluation: simplicity, expressiveness, generality, extensibility  Open-Source implementations available.  OpenBSD uses it in IPSEC implementation.  $ man keynote

Download ppt "KeyNote Presentation KeyNote. Vishwas Patil, TIFR.2/10 KeyNote: “?”  Aim:- A notation for specifying local security policies and security credentials."

Similar presentations

BNF. What is BNF? BNF stands for “Backus-Naur Form,” after the people who invented it BNF is a metalanguage--a language used to describe another language.

BNF. What is BNF? BNF stands for “Backus-Naur Form,” after the people who invented it BNF is a metalanguage--a language used to describe another language.
Administrative Policies in XACML Erik Rissanen Swedish Institute of Computer Science.

Administrative Policies in XACML Erik Rissanen Swedish Institute of Computer Science.
1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.
176 Formal Languages and Applications: We know that Pascal programming language is defined in terms of a CFG. All the other programming languages are context-free.

176 Formal Languages and Applications: We know that Pascal programming language is defined in terms of a CFG. All the other programming languages are context-free.
1 8. Safe Query Languages Safe program – its semantics can be at least partially computed on any valid database input. Safety is tied to program verification,

1 8. Safe Query Languages Safe program – its semantics can be at least partially computed on any valid database input. Safety is tied to program verification,
Chapter 4 Lexical and Syntax Analysis Sections 1-4.

Chapter 4 Lexical and Syntax Analysis Sections 1-4.
Chapter 3 Describing Syntax and Semantics Sections 1-3.

Chapter 3 Describing Syntax and Semantics Sections 1-3.
1 Draft of a Matchmaking Service Chuang liu. 2 Matchmaking Service Matchmaking Service is a service to help service providers to advertising their service.

1 Draft of a Matchmaking Service Chuang liu. 2 Matchmaking Service Matchmaking Service is a service to help service providers to advertising their service.
Context-Free Grammars Lecture 7

Context-Free Grammars Lecture 7
Implementing a Distributed Firewall

Implementing a Distributed Firewall
Chapter 3 Describing Syntax and Semantics Sections 1-3.

Chapter 3 Describing Syntax and Semantics Sections 1-3.
Slide 1 Chapter 3 Attribute Grammars. Slide 2 Attribute Grammars Certain language structures cannot be described using EBNF. Attribute grammars are extensions.

Slide 1 Chapter 3 Attribute Grammars. Slide 2 Attribute Grammars Certain language structures cannot be described using EBNF. Attribute grammars are extensions.
Chapter 3 Describing Syntax and Semantics Sections 1-3.

Chapter 3 Describing Syntax and Semantics Sections 1-3.
BİL744 Derleyici Gerçekleştirimi (Compiler Design)1.

BİL744 Derleyici Gerçekleştirimi (Compiler Design)1.
Data Security in Local Networks using Distributed Firewalls

Data Security in Local Networks using Distributed Firewalls
15-Jul-15 JSON. JSON example “JSON” stands for “JavaScript Object Notation” Despite the name, JSON is a (mostly) language-independent way of specifying.

15-Jul-15 JSON. JSON example “JSON” stands for “JavaScript Object Notation” Despite the name, JSON is a (mostly) language-independent way of specifying.
Lexical and syntax analysis

Lexical and syntax analysis
(2.1) Grammars  Definitions  Grammars  Backus-Naur Form  Derivation – terminology – trees  Grammars and ambiguity  Simple example  Grammar hierarchies.

(2.1) Grammars  Definitions  Grammars  Backus-Naur Form  Derivation – terminology – trees  Grammars and ambiguity  Simple example  Grammar hierarchies.
Fundamentals of Python: From First Programs Through Data Structures

Fundamentals of Python: From First Programs Through Data Structures
Fundamentals of Python: First Programs

Fundamentals of Python: First Programs

Similar presentations

Ads by Google