Connector-Based Software Development: Deriving Secure Protocols
While most branches of engineering consist of methodologies for building complex systems from simple components, formulating incremental and compositional methods for Security Engineering has been a daunting task: in general, security properties are not preserved under refinement or composition. The reason is that the nondestructive composition operations require that their static assumptions about the environment are maintained; but Security Engineering is concerned with dynamic, adversarial environments, and what happens when the assumptions fail.