Carl A. Gunter and Trevor Jim
University of Pennsylvania
We propose a security infrastructure based on authenticated data distribution, implemented via the automatic management of queries and certificates. This approach is appropriate for an infrastructure to be used by application programmers, because they are not experts in cryptographic algorithms or security protocols. Our query certificate managers hide the use of cryptography and message sending from the programmer, and hence prevent programmer errors that could lead to security failures. The system has a formal semantics and correctness guarantees.