Automated analysis of security-design models
نویسندگان
چکیده
منابع مشابه
Automated analysis of security-design models
We have previously proposed SecureUML, an expressive UML-based language for constructing security-design models, which are models that combine design specifications for distributed systems with specifications of their security policies. Here we show how to automate the analysis of such models in a semantically precise and meaningful way. In our approach, models are formalized together with scen...
متن کاملAutomated Design of Security Protocols
Security protocols play an important role in modern communications. However, security protocol development is a delicate task, and experience shows that computer security protocols are notoriously difficult to get right. Recently, Clark and Jacob provided a framework for automatic protocol generation based on combinatorial optimization techniques and the symmetric key part of BAN logic. This pa...
متن کاملAutomated support for the Design and Analysis of Security Protocols
This paper presents a user friendly formal specification language, called LS , for defining security properties. The language is intended for use in defining and specifying applications with security requirements in a unified framework. The longterm goal of the work is to establish the basic building blocks for an extensible language that can be used in practice, both in the context of standard...
متن کاملAutomated Analysis of Security APIs
Attacks on security systems within the past decade have revealed that security Application Programming Interfaces (APIs) expose a large and real attack surface but remain to be a relatively unexplored problem. In 2000, Bond et al. discovered APIchaining and type-confusion attacks on hardware security modules used in large banking systems. While these first attacks were found through human inspe...
متن کاملAutomated analysis of security protocols
Cryptographic protocols such as IKE, SET, TLS, Kerberos have been developed to secure electronic transactions. However the design of such protocols often appears to be problematic even assuming that the cryptographic primitives are perfect, i.e. even assuming we cannot decrypt a message without the right key. An intruder may intercept messages, analyse them, modify them with low computing power...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Information and Software Technology
سال: 2009
ISSN: 0950-5849
DOI: 10.1016/j.infsof.2008.05.011