{"title":"Establishing and preserving protocol security goals","authors":"J. Guttman","doi":"10.3233/JCS-140499","DOIUrl":null,"url":null,"abstract":"We take a model-theoretic viewpoint on security goals and how to establish them. The models are possibly fragmentary executions. Security goals such as authentication and confidentiality are geometric sequents, i.e. implications Φ→Ψ where Φ and Ψ are built from atomic formulas without negations, implications, or universal quantifiers.Security goals are then statements about homomorphisms, where the source is a minimal fragmentary model of the antecedent Φ. If every homomorphism to a non-fragmentary, complete execution factors through a model in which Ψ is satisfied, then the goal is achieved. One can validate security goals via a process of information enrichment. We call this approach enrich-by-need protocol analysis.This idea also clarifies protocol transformation. A protocol transformation preserves security goals when it preserves the form of the information enrichment process. We formalize this idea using simulation relations between labeled transition systems. These labeled transition systems formalize the analysis of the protocols, i.e. the information enrichment process, not the execution behavior of the protocols.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"23","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"J. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/JCS-140499","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 23
Abstract
We take a model-theoretic viewpoint on security goals and how to establish them. The models are possibly fragmentary executions. Security goals such as authentication and confidentiality are geometric sequents, i.e. implications Φ→Ψ where Φ and Ψ are built from atomic formulas without negations, implications, or universal quantifiers.Security goals are then statements about homomorphisms, where the source is a minimal fragmentary model of the antecedent Φ. If every homomorphism to a non-fragmentary, complete execution factors through a model in which Ψ is satisfied, then the goal is achieved. One can validate security goals via a process of information enrichment. We call this approach enrich-by-need protocol analysis.This idea also clarifies protocol transformation. A protocol transformation preserves security goals when it preserves the form of the information enrichment process. We formalize this idea using simulation relations between labeled transition systems. These labeled transition systems formalize the analysis of the protocols, i.e. the information enrichment process, not the execution behavior of the protocols.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
