Cultural advice

The Australian National University acknowledges, celebrates and pays our respects to the Ngunnawal and Ngambri people of the Canberra region and to all First Nations Australians on whose traditional lands we meet and work, and whose cultures are among the oldest continuing cultures in human history.

Aboriginal and Torres Strait Islander peoples are advised that ANU Library collections may include images, names, voices, and other representations of deceased persons.

Material in the collection may contain terms, language or views that reflect the period in which the item was created and may be considered inappropriate today.

Security protocols, properties, and their monitoring

Thumbnail Image

Date

2008

Authors

Bauer, Andreas
Juerjens, Jan

Journal Title

Journal ISSN

Volume Title

Publisher

Association for Computing Machinery Inc (ACM)

Abstract

This paper examines the suitability and use of runtime verification as means for monitoring security protocols and their properties. In particular, we employ the runtime verification framework introduced in [5] to monitor complex, history-based security-properties of the SSL-protocol. We give a detailed account of the methodology, compare its formal expressiveness to prior art, and describe its application to an open-source Java-implementation of the SSL-protocol. In particular, we show how one can make use of runtime verification to dynamically enforce that assumptions on the crypto-protocol implementations (that are commonly made when statically verifying crypto-protocol specifications against security requirements) are actually satisfied in a given protocol implementation at runtime. Our analysis of these properties shows that some important runtime correctness properties of the SSL-protocol exceed the commonly used class of safety properties, and as such also the expressiveness of other monitoring frameworks.

Description

Keywords

Keywords: Correctness properties; Language-based security; Monitoring frameworks; Prior arts; Protocol implementations; Protocol specifications; Runtime verification; Runtime verifications; Safety properties; Security automata; Security protocols; Security requirem Language-based security; Monitoring history-based properties; Runtime verification; Security automata; Security protocols; Temporal logic

Citation

URI

http://hdl.handle.net/1885/53393

Collections

ANU Research Publications

Source

Proceedings of 4th International Workshop on Software Engineering for Secure Systems (SESS-2008)

Type

Conference paper

Book Title

Entity type

Access Statement

License Rights

DOI

10.1145/1370905.1370910

Restricted until

2037-12-31

Downloads

File
Description
01_Bauer_Security_protocols,_2008.pdf (388.87 KB)
02_Bauer_Security_protocols,_2008.pdf (132 KB)
03_Bauer_Security_protocols,_2008.pdf (1.25 MB)
04_Bauer_Security_protocols,_2008.pdf (145.18 KB)
05_Bauer_Security_protocols,_2008.pdf (173.38 KB)

DSpace software copyright © 2002-2026 LYRASIS

abcd