Stream Based Specification of Cryptographic Protocols and Their Composition Properties

The correct development of security-critical systems is very difficult, as demonstrated by many insecure systems that have been developed in research and practice. A particular challenge is the establishment of security properties for separate components in an open, distributed system, in a way that the interaction of these components will still satisfy the security properties established for each component in isolation. \\ \\ We present a methodology to represent crypto-based, distributed systems and software and their composition properties in a formal way using Focus, a framework for formal specification and development of interactive systems. Using this formal representation, one can argue about properties of protocol components and their composition in a methodological way. We use the Focus approach, because it was developed specifically to support the compositional development of distributed systems and offers a number of specification techniques including several practical notions of refinement. It also supports formal arguments about property combination using well-founded theories of component- and service-composition.

[1]  Premkumar T. Devanbu,et al.  Software engineering for security: a roadmap , 2000, ICSE '00.

[2]  Maria Spichkova Refinement-Based Verification of Interactive Real-Time Systems , 2008, Electron. Notes Theor. Comput. Sci..

[3]  Debanjan Saha,et al.  Transport layer security: how much does it really cost? , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[4]  Tobias Nipkow,et al.  Isabelle/HOL , 2002, Lecture Notes in Computer Science.

[5]  Jan Jürjens,et al.  Secure systems development with UML , 2004 .

[6]  Guido Wimmel,et al.  Model-based development of security-critical systems , 2005 .

[7]  Jean Bézivin,et al.  A Canonical Scheme for Model Composition , 2006, ECMDA-FA.

[8]  Ruth Breu,et al.  Model-Driven Security Engineering for Trust Management in SECTET , 2007, J. Softw..

[9]  Manfred Broy,et al.  SERVICE-ORIENTED SYSTEMS ENGINEERING: SPECIFICATION AND DESIGN OF SERVICES AND LAYERED ARCHITECTURES , 2005 .

[10]  Amir Pnueli,et al.  Revised Lectures from the International Symposium on Compositionality: The Significant Difference , 1997 .

[11]  T. S. E. Maibaum,et al.  Mathematical foundations of software engineering: a roadmap , 2000, ICSE '00.

[12]  Bernhard Schätz,et al.  AutoFocus: A Tool for Distributed Systems Specification , 1996, FTRTFT.

[13]  Manfred Broy,et al.  Specification and development of interactive systems: focus on streams, interfaces, and refinement , 2001 .

[14]  Manfred Broy Compositional Refinement of Interactive Systems Modelled by Relations , 1997, COMPOS.

[15]  Manfred Broy Compositional refinement of interactive systems , 1997, JACM.

[16]  Duminda Wijesekera,et al.  Executable misuse cases for modeling security concerns , 2008, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[17]  Volkmar Lotz,et al.  Threat Scenarios as a Means to Formally Develop Secure Systems , 1996, J. Comput. Secur..

[18]  Ana Milanova,et al.  Precise identification of composition relationships for UML class diagrams , 2005, ASE.

[19]  Marsha Chechik,et al.  Properties of Behavioural Model Merging , 2006, FM.

[20]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[21]  Maria Spichkova Specification and seamless verification of embedded real-time systems: FOCUS on Isabelle , 2007 .

[22]  David Basin,et al.  Model driven security: From UML models to access control infrastructures , 2006, TSEM.