Modeling and Analysis of Electronic Commerce Protocols Using Colored Petri Nets

Electronic commerce protocols are the basis of security in electronic commerce. Therefore, it is essential to ensure these protocols correctly. With the ideas of ZQ logic and the security protocols analysis method using Colored Petri Nets, a new method synthesizing ZQ logic and Colored Petri Nets is presented to analyze electronic commerce protocols. The new method is suitable for analyzing both accountability and fairness. However, it needs not to establish a dispute settlement model. Moreover, the ISI protocol is chosen to illustrate how an electronic commerce protocol is analyzed using the new method. An insecure state of the ISI protocol is found. Thus, the ISI protocol does not achieve accountability and fairness. The result is the same as the one in [10] where ZQ logic is used. These are stunning confirmations of the validity of the new method for analyzing electronic commerce protocols.

[1]  Kurt Jensen Coloured Petri Nets , 1992, EATCS Monographs in Theoretical Computer Science.

[2]  Kurt Jensen,et al.  Coloured Petri Nets: Basic Concepts, Analysis Methods and Practical Use. Vol. 2, Analysis Methods , 1992 .

[3]  B. Clifford Neuman,et al.  NetCash: a design for practical electronic currency on the Internet , 1993, CCS '93.

[4]  Benjamin Cox,et al.  NetBill Security and Transaction Protocol , 1995, USENIX Workshop on Electronic Commerce.

[5]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[6]  Rajashekar Kailar Accountability in Electronic Commerce Protocols , 1996, IEEE Trans. Software Eng..

[7]  Zhou Dian Limitations of Kailar Logic , 1999 .

[8]  Zhou Ming A Fair Non-Repudiation Protocol and Its Formal Analysis , 2003 .

[9]  Wang Cai A New Approach for the Analysis of Electronic Commerce Protocols , 2004 .

[10]  Liu Dao-bin Formal Analysis of Security Protocols Using Petri Nets , 2004 .

[11]  Panagiotis Katsaros,et al.  Colored Petri Net based model checking and failure analysis for E-commerce protocols , 2005 .

[12]  Li Botao and Luo Junzhou MODELING AND ANALYSIS OF NON-REPUDIATION PROTOCOLS BY USING PETRI NETS , 2005 .

[13]  Yang Xu,et al.  Analysis of Electronic Commerce Protocols Based on Extended Rubin Logic , 2008, 2008 The 9th International Conference for Young Computer Scientists.

[14]  Yang Xu,et al.  Security analysis of routing protocol for MANET based on extended Rubin logic , 2008, 2008 IEEE International Conference on Networking, Sensing and Control.

[15]  Yang Xu,et al.  Extending Rubin logic for electronic commerce protocols , 2008, 2008 2nd International Conference on Anti-counterfeiting, Security and Identification.

[16]  L Botao,et al.  ANALYSIS OF FAIRNESS IN PAYMENT PROTOCOLS BASED ON HIERARCHICAL TIMED COLOURED PETRI NETS , 2009 .

[17]  Yang Xu,et al.  Modeling and Analysis of Security Protocols Using Colored Petri Nets , 2011, J. Comput..