An integrated framework for security protocol analysis

Marcin (009) Olszewski; Łukasz Cyra

An integrated framework for security protocol analysis

Abstract

Assurance of security protocols needs particular attention. Flaws in a protocol can devastate security of the applications that rely on it. Analysis of the protocols is difficult and it is recommended that formal methods are employed to provide for higher levels of assurance. However, the formal methods can cover only a part of the scope of the problem. It is important that the formal models are valid representations of the protocol and that the application context is adequately represented. In the paper we present an analytical framework that integrates the object-oriented and formal modeling approaches. Object models are used to capture the relevant aspects of the protocol and its security context and to communicate with the protocol designers. Formal models are applied to verify the protocol security properties. Applicability of the framework was demonstrated by several industrial case studies.

Authors (2)

Cite as

Full text

full text is not available in portal

Keywords

Details

Category:: Conference activity
Type:: publikacja w wydawnictwie zbiorowym recenzowanym (także w materiałach konferencyjnych)
Title of issue:: ASIACCS'08 : Symposium on Information, Computer and Communications Security : proceedings Tokyo, Japan 18-20 March, 2008 strony 77 - 86
Language:: English
Publication year:: 2008
Bibliographic description:: Olszewski M., Cyra Ł.: An integrated framework for security protocol analysis// ASIACCS'08 : Symposium on Information, Computer and Communications Security : proceedings Tokyo, Japan 18-20 March, 2008/ ed. eds: M. Abe, V. Gligor. [Tokyo]: ACM, 2008, s.77-86
Verified by:: Gdańsk University of Technology