— Unpublished Draft — Development of Formal Models for Secure E-services
نویسنده
چکیده
ion + refinement formalisation Figure 2: Different levels of specification To be able to prove required properties, an appropriate abstraction level must be chosen, so that a verification of the relevant functional and security properties is still possible. The behaviour of formal models at different abstraction levels can be compared using appropriate homomorphisms. In refinements of the model, where a complete analysis is not possible for complexity reasons, interesting parts of the search space can still be explored by manual control using simulation mode. Different models of possible attackers can be included in the specification and the combined model is then explored to find states where an attack succeeds. Figure 3 shows the steps proposed for the development of an executable formal model for an e-service application that works as expected for average usage and is robust under attack conditions.
منابع مشابه
Computationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...
متن کاملDevelopment of formal models for secure e-services
A methodology for the development of formal models for e-services is presented. Verification of the correct behaviour when given expected input and check for security properties by adding selected attack patterns is shown. An example scenario of a typical e-service configuration is given and the dynamic behaviour of different variants is analysed. To improve security of a system providing a col...
متن کاملA Distributed Authentication Model for an E-Health Network Using Blockchain
Introduction: One of the most important and challenging areas under the influence of information technology is the field of health. This pervasive influence has led to the development of electronic health (e-health) networks with a variety of services of different qualities. The issue of security management, maintaining confidentiality and data integrity, and exchanging it in a secure environme...
متن کاملA Distributed Authentication Model for an E-Health Network Using Blockchain
Introduction: One of the most important and challenging areas under the influence of information technology is the field of health. This pervasive influence has led to the development of electronic health (e-health) networks with a variety of services of different qualities. The issue of security management, maintaining confidentiality and data integrity, and exchanging it in a secure environme...
متن کاملDeveloping Reliable yet Flexible Software through If-Then Model Transformation Rules
Developing reliable yet flexible software is a hard problem. Although modeling methods enjoy a lot of advantages, the exclusive use of just one of them, in many cases, may not guarantee the development of reliable and flexible software. Formal modeling methods ensure reliability because they use a rigorous approach to software development. However, lack of knowledge and high cost practically fo...
متن کامل