D4.3 Tool Support for Evolution-Aware Security Checks and Monitor Generation

Authors

  • Sven Wenzel
  • Daniel Warzecha
Abstract

The composition of processes is in general not secrecy preserving under the Dolev-Yao attacker model. In this paper, we describe an algorithmic decision procedure which determines whether the composition of secrecy preserving processes is still secrecy preserving. As a case study we consider a variant of the TLS protocol where, even though the client and server considered separately would be viewed as preserving the secrecy of the data to be communicated, its composition to the complete protocol does not preserve that secrecy. We also show results on tool support that allows one to validate the efficiency of our algorithm for multiple compositions.


Similar resources

Automatic Generation of Security Protocols Implementations

The implementation of security protocols is challenging and error-prone. A model-driven development approach allows the automatic generation of an application, from a simpler and abstract model that can be formally verified. Our AnBx compiler is a tool for automatic generation of Java code of security protocols specified in the Alice&Bob notation. In contrast with existing tools, it uses a simp...


AnBx: Automatic Generation and Verification of Security Protocols Implementations

The AnBx compiler is a tool for automatic generation of Java implementations of security protocols specified in a simple and abstract model that can be formally verified. In our model-driven development approach, protocols are described in AnBx , an extension of the Alice & Bob notation. Along with the synthesis of consistency checks, the tool analyses the security goals and produces annotation...


SecSy: Security-aware Synthesis of Process Event Logs

One difficulty at developing mechanisms for business process security monitoring and auditing is the lack of representative, controllably generated test runs to serve as an evaluation basis. This paper presents an approach and the corresponding tool support for event log synthesis. The novelty is that it considers the activity of an “attacker” able to purposefully infringe security and complian...


Efficient Java Code Generation of Security Protocols Specified in AnB/AnBx

The implementation of security protocols is challenging and error-prone, as experience has proved that even widely used and heavily tested protocols like TLS and SSH need to be patched every year due to low-level implementation bugs. A model-driven development approach allows automatic generation of an application, from a simpler and abstract model that can be formally verified. In this work we...


Consistency Checks for Duties in Extended UML2 Activity Models

Process-aware information systems support the execution of business processes. In this context, organizations require the precise specification of security policies that govern the behavior of subjects in the systems. Obligation policies specify duties to be fulfilled by certain subjects. In organizational contexts, duties are often associated with a certain task in a business process. In this ...



Journal title:

Volume   Issue 

Pages  -

Publication date 2012