TY - GEN
T1 - Authenticity and provability - A formal framework
AU - Gürgens, Sigrid
AU - Ochsenschläger, Peter
AU - Rudolph, Carsten
PY - 2002/1/1
Y1 - 2002/1/1
N2 - This paper presents a new formalisation of authenticity and proof of authenticity. These security properties constitute essential requirements for secure electronic commerce and other types of binding telecooperation. Based on the notions of formal language theory, authenticity and proof of authenticity are defined relative to the agents’ knowledge about the system. Abstraction by language homomorphisms satisfying particular properties preserves the respective security properties from a higher to a lower level of abstraction. Thus, the new formalisation is suitable for a top-down security engineering method. The approach is demonstrated by a typical e-commerce example, a price-offer transaction. We present specifications of this example on two different abstraction levels. On the lower of these abstraction levels, Asynchronous Product Automata (APA) are used to model cryptographic protocols, and properties of cryptographic algorithms are formally described by abstract secure channels.
UR - http://www.scopus.com/inward/record.url?scp=84944042480&partnerID=8YFLogxK
M3 - Conference Paper
AN - SCOPUS:84944042480
SN - 3540443096
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 227
EP - 245
BT - Infrastructure Security - International Conference, InfraSec 2002, Proceedings
PB - Springer-Verlag London Ltd.
T2 - International Conference on Infrastructure Security, InfraSec 2002
Y2 - 1 October 2002 through 3 October 2002
ER -