Intruder deducibility constraints with negation. Decidability and application to secured service compositions

The problem of finding a mediator to compose secured services has been reduced in our former work to the problem of solving deducibility constraints similar to those employed for cryptographic protocol analysis. We extend in this paper the mediator synthesis procedure by a construction for expressing that some data is not accessible to the mediator. Then we give a decision procedure for verifying that a mediator satisfying this non-disclosure policy can be effectively synthesized. This procedure has been implemented in CL-AtSe, our protocol analysis tool. The procedure extends constraint solving for cryptographic protocol analysis in a significative way as it is able to handle negative deducibility constraints without restriction. In particular it applies to all subterm convergent theories and therefore covers several interesting theories in formal security analysis including encryption, hashing, signature and pairing. Key-words: Web services, orchestration, security policy, separation of duty, deducibility constraints, cryptographic protocols, formal methods, tool ∗ This work is supported by FP7 AVANTSSAR [4] and FP7 NESSoS [20] projects. † INRIA Nancy Grand Est, France. Email: {rusi, turuani}@inria.fr ‡ IRIT, Université de Toulouse, France. Email: [email protected] § SnT, Université du Luxembourg, Luxembourg. Email: [email protected] ha l-0 07 19 01 1, v er si on 1 18 J ul 2 01 2 Contraintes de deducibilité avec négation Résumé : Voir “Abstract” Mots-clés : Services Web, orchestration, politique de sécurité, séparation des tâches, contraintes de deducibilité, protocoles de sécurité, méthodes formelles, util ha l-0 07 19 01 1, v er si on 1 18 J ul 2 01 2 Intruder deducibility constraints with negation. 3