{"id":"https://openalex.org/W3213073946","doi":"https://doi.org/10.1145/3460120.3484793","title":"On Re-engineering the X.509 PKI with Executable Specification for Better Implementation Guarantees","display_name":"On Re-engineering the X.509 PKI with Executable Specification for Better Implementation Guarantees","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3213073946","doi":"https://doi.org/10.1145/3460120.3484793","mag":"3213073946"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3484793","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484793","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484793","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484793","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076448159","display_name":"Joyanta Debnath","orcid":"https://orcid.org/0000-0001-5817-2786"},"institutions":[{"id":"https://openalex.org/I126307644","display_name":"University of Iowa","ror":"https://ror.org/036jqmy94","country_code":"US","type":"education","lineage":["https://openalex.org/I126307644"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Joyanta Debnath","raw_affiliation_strings":["The University of Iowa, Iowa City, IA, USA"],"affiliations":[{"raw_affiliation_string":"The University of Iowa, Iowa City, IA, USA","institution_ids":["https://openalex.org/I126307644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062969921","display_name":"Sze Yiu Chau","orcid":"https://orcid.org/0000-0001-9300-0808"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Sze Yiu Chau","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5070136662","display_name":"Omar Chowdhury","orcid":"https://orcid.org/0000-0002-1356-6279"},"institutions":[{"id":"https://openalex.org/I126307644","display_name":"University of Iowa","ror":"https://ror.org/036jqmy94","country_code":"US","type":"education","lineage":["https://openalex.org/I126307644"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Omar Chowdhury","raw_affiliation_strings":["The University of Iowa, Iowa City, IA, USA"],"affiliations":[{"raw_affiliation_string":"The University of Iowa, Iowa City, IA, USA","institution_ids":["https://openalex.org/I126307644"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5076448159"],"corresponding_institution_ids":["https://openalex.org/I126307644"],"apc_list":null,"apc_paid":null,"fwci":0.6998,"has_fulltext":true,"cited_by_count":8,"citation_normalized_percentile":{"value":0.77032499,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1388","last_page":"1404"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7940378189086914},{"id":"https://openalex.org/keywords/public-key-infrastructure","display_name":"Public key infrastructure","score":0.7610315084457397},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.6415872573852539},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5030571818351746},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.4280667006969452},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3879966735839844},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.2538102865219116},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.24627938866615295},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.16049346327781677},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.12277165055274963}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7940378189086914},{"id":"https://openalex.org/C72648740","wikidata":"https://www.wikidata.org/wiki/Q658476","display_name":"Public key infrastructure","level":4,"score":0.7610315084457397},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.6415872573852539},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5030571818351746},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.4280667006969452},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3879966735839844},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.2538102865219116},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.24627938866615295},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.16049346327781677},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.12277165055274963}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3460120.3484793","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484793","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484793","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3460120.3484793","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484793","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484793","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.6600000262260437,"display_name":"Industry, innovation and infrastructure"}],"awards":[{"id":"https://openalex.org/G4861921790","display_name":"Collaborative Research: CNS Core: Small: Retrofitting IoT Ecosystems with a Software-defined Overlay to Enforce Safety, Security, and Privacy Policies","funder_award_id":"2006556","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320322942","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3213073946.pdf","grobid_xml":"https://content.openalex.org/works/W3213073946.grobid-xml"},"referenced_works_count":32,"referenced_works":["https://openalex.org/W129464463","https://openalex.org/W165943180","https://openalex.org/W1454728789","https://openalex.org/W1870741405","https://openalex.org/W1926951188","https://openalex.org/W1932217448","https://openalex.org/W1964071625","https://openalex.org/W1964494435","https://openalex.org/W1976919795","https://openalex.org/W1985848114","https://openalex.org/W2001637908","https://openalex.org/W2054426341","https://openalex.org/W2082158393","https://openalex.org/W2104899073","https://openalex.org/W2141950720","https://openalex.org/W2159595840","https://openalex.org/W2560107525","https://openalex.org/W2650293344","https://openalex.org/W2672575173","https://openalex.org/W2751455878","https://openalex.org/W2767162229","https://openalex.org/W2794584163","https://openalex.org/W2946925508","https://openalex.org/W2964540713","https://openalex.org/W2966873892","https://openalex.org/W3034071395","https://openalex.org/W3093870681","https://openalex.org/W3124323960","https://openalex.org/W4246691913","https://openalex.org/W4248513939","https://openalex.org/W4298051233","https://openalex.org/W6683303659"],"related_works":["https://openalex.org/W2350278424","https://openalex.org/W2071432835","https://openalex.org/W4239401009","https://openalex.org/W4234371507","https://openalex.org/W1628824497","https://openalex.org/W82161441","https://openalex.org/W1576042299","https://openalex.org/W2181943964","https://openalex.org/W1528423264","https://openalex.org/W2050645532"],"abstract_inverted_index":{"The":[0],"X.509":[1,18,36,96,109,133,159,194],"Public-Key":[2],"Infrastructure":[3],"(PKI)":[4],"standard":[5,68,97],"is":[6,56,113,144],"widely":[7,91],"used":[8,92,158],"as":[9],"a":[10,53,90,105,138,192],"scalable":[11],"and":[12,88,99,187,209,218,230],"flexible":[13],"authentication":[14],"mechanism.":[15],"Flaws":[16],"in":[17,66,70,171],"implementations":[19],"can":[20,176],"make":[21],"relying":[22],"applications":[23],"susceptible":[24],"to":[25,40,47,79,103,190],"impersonation":[26],"attacks":[27],"or":[28,64],"interoperability":[29],"issues.":[30],"In":[31,73,146],"practice,":[32],"many":[33],"libraries":[34,205],"implementing":[35],"have":[37],"been":[38],"shown":[39],"suffer":[41],"from":[42,123],"flaws":[43],"that":[44,137,175,225],"are":[45],"due":[46],"noncompliance":[48],"with":[49,202],"the":[50,60,67,95,116,120,124,129,151,156],"standard.":[51],"Developing":[52],"compliant":[54],"implementation":[55,195],"especially":[57],"hindered":[58],"by":[59,86,115,180],"design":[61],"complexity,":[62],"ambiguities,":[63],"under-specifications":[65],"written":[69],"natural":[71],"languages.":[72],"this":[74,81],"paper,":[75],"we":[76,135,161],"set":[77],"out":[78],"alleviate":[80],"unsatisfactory":[82],"state":[83],"of":[84,94,118,132,141,200],"affairs":[85],"re-engineering":[87,111],"formalizing":[89,128],"fragment":[93,140],"specification,":[98],"then":[100],"using":[101,168],"it":[102],"develop":[104,191],"high-assurance":[106,193],"implementation.":[107],"Our":[108],"specification":[110,174],"effort":[112],"guided":[114],"principle":[117],"decoupling":[119],"syntactic":[121,130],"requirements":[122,131,153],"semantic":[125,152],"requirements.":[126],"For":[127],"standard,":[134],"observe":[136],"restricted":[139],"attribute":[142],"grammar":[143],"sufficient.":[145],"contrast,":[147],"for":[148],"precisely":[149],"capturing":[150],"imposed":[154],"on":[155,212],"most-widely":[157],"features,":[160],"use":[162,185],"quantifier-free":[163],"first-order":[164],"logic":[165],"(QFFOL).":[166],"Interestingly,":[167],"QFFOL":[169],"results":[170],"an":[172,181],"executable":[173],"be":[177],"efficiently":[178],"enforced":[179],"SMT":[182],"solver.":[183],"We":[184],"these":[186],"other":[188],"insights":[189],"named":[196],"CERES.":[197],"A":[198],"comparison":[199],"CERES":[201,226],"3":[203],"mainstream":[204],"(i.e.,":[206],"mbedTLS,":[207],"OpenSSL,":[208],"GnuTLS)":[210],"based":[211],"2":[213,219],"million":[214,220],"real":[215],"certificate":[216,222],"chains":[217,223],"synthetic":[221],"shows":[224],"rightfully":[227],"rejects":[228],"malformed":[229],"invalid":[231],"certificates.":[232]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":3},{"year":2022,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}