{"title":"使用UML 2建模和验证安全协议","authors":"Sandra Smith, A. Beaulieu, W. Phillips","doi":"10.1109/SYSCON.2011.5929088","DOIUrl":null,"url":null,"abstract":"Large scale distributed systems often require security protocols to ensure high integrity. We present a modeling approach that uses UML 2 without extensions to support the design, composition and verification of security protocols. The approach assumes a strong threat model, in which an attacker can intercept, modify, and spoof all communications, with the exception of those protected by known-strong encryption. Through a series of models of extensively-studied protocols we demonstrate that the approach allows protocol properties to be accurately represented, and protocols to be automatically tested to detect potential security flaws. The approach benefits from the existing strong tool support for UML 2, allowing automatic generation of protocol implementations from the models.","PeriodicalId":109868,"journal":{"name":"2011 IEEE International Systems Conference","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Modeling and verifying security protocols using UML 2\",\"authors\":\"Sandra Smith, A. Beaulieu, W. Phillips\",\"doi\":\"10.1109/SYSCON.2011.5929088\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Large scale distributed systems often require security protocols to ensure high integrity. We present a modeling approach that uses UML 2 without extensions to support the design, composition and verification of security protocols. The approach assumes a strong threat model, in which an attacker can intercept, modify, and spoof all communications, with the exception of those protected by known-strong encryption. Through a series of models of extensively-studied protocols we demonstrate that the approach allows protocol properties to be accurately represented, and protocols to be automatically tested to detect potential security flaws. The approach benefits from the existing strong tool support for UML 2, allowing automatic generation of protocol implementations from the models.\",\"PeriodicalId\":109868,\"journal\":{\"name\":\"2011 IEEE International Systems Conference\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-04-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE International Systems Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYSCON.2011.5929088\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE International Systems Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYSCON.2011.5929088","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Modeling and verifying security protocols using UML 2
Large scale distributed systems often require security protocols to ensure high integrity. We present a modeling approach that uses UML 2 without extensions to support the design, composition and verification of security protocols. The approach assumes a strong threat model, in which an attacker can intercept, modify, and spoof all communications, with the exception of those protected by known-strong encryption. Through a series of models of extensively-studied protocols we demonstrate that the approach allows protocol properties to be accurately represented, and protocols to be automatically tested to detect potential security flaws. The approach benefits from the existing strong tool support for UML 2, allowing automatic generation of protocol implementations from the models.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
