Formal Privacy Analysis of Communication Protocols for Identity Management

Over the years, formal methods have been developed for the analysis of security and privacy aspects of communication in IT systems. However, existing methods are insufficient to deal with privacy, especially in identity management (IdM), as they fail to take into account whether personal information can be linked to its data subject. In this paper, we propose a general formal method to analyze privacy of communication protocols for IdM. To express privacy, we represent knowledge of personal information in a three-layer model. We show how to deduce knowledge from observed messages and how to verify a range of privacy properties. We validate the approach by applying it to an IdM case study.

[1]  Lawrence C. Paulson,et al.  Kerberos Version 4: Inductive Analysis of the Secrecy Goals , 1998, ESORICS.

[2]  Jerry den Hartog,et al.  Formal Verification of Privacy for RFID Systems , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.

[3]  Sean Turner,et al.  Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification , 2019, RFC.

[4]  Catherine A. Meadows,et al.  Formal methods for cryptographic protocol analysis: emerging issues and trends , 2003, IEEE J. Sel. Areas Commun..

[5]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[6]  Leonardo Mostarda,et al.  Place and Time Authentication of Cultural Assets , 2008, IFIPTM.

[7]  Somesh Jha,et al.  Using state space exploration and a natural deduction style message derivation engine to verify security protocols , 1998, PROCOMET.

[8]  Jan Jürjens,et al.  Verifying Cryptographic Code in C: Some Experience and the Csec Challenge , 2011, Formal Aspects in Security and Trust.

[9]  David W. Chadwick,et al.  Attribute Aggregation in Federated Identity Management , 2009, Computer.

[10]  Dieter Gollmann,et al.  Computer Security — ESORICS 98 , 1998, Lecture Notes in Computer Science.

[11]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[12]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[13]  G. W. Hamilton,et al.  A Privacy Analysis for the π-calculus : The Denotational Approach , 2002 .

[14]  Nicola Zannone,et al.  Modeling Identity-Related Properties and Their Privacy Strength , 2010, Formal Aspects in Security and Trust.

[15]  Scott Cantor,et al.  Shibboleth Architecture Technical Overview , 2005 .

[16]  P. Ivax,et al.  A THEORY FOR RECORD LINKAGE , 2004 .

[17]  Mark Ryan,et al.  Automatic Verification of Privacy Properties in the Applied pi Calculus , 2008, IFIPTM.