Security Architectures Using Formal Methods
Author: Colin
Abstract
A model describing secure communications architectures is developed using the formal language Z. The model is based on fundamental cryptographic properties. Some basic constraints are derived for the design of secure architectures which allow problems to be identified prior to the design of security protocols. A simple criterion is derived for ensuring that all pairs of users can set up secure communications channels.
Similar resources
Integrating Security Administration into Software Architectures Design
Software architecture plays a central role in developing software systems that satisfy functionality and security requirements. However, little has been done to integrate system design with security enforcement, which would otherwise benefit both the development process and the system's quality of service (QoS). This paper proposes a formal method to integrate security administration into software arc...
Full text
A case study of service-oriented software architectures
Over 92% of security weaknesses were found to have architectural solutions. We are investigating a formal model of software architectures that permits mathematically proving properties of software components of a service-oriented software architecture [2]. Formally proving properties of software components allows for increased quality guarantees in general and removing or mitigating the securit...
Full text
Architectures and Formal Representations for Secure Systems: Executive Summary
As used in this report, the term formal methods encompasses mathematical and logical techniques for representing and analyzing computer systems, with the intent of increasing (1) the rigor with which a system can be defined, (2) the security and reliability that can be attained by system design and implementation, and (3) the dependability with which the requirements can be met. This report cons...
Full text
Analysing Security Protocols Using Refinement in iUML-B
We propose a general approach based on abstraction and refinement for constructing and analysing security protocols using formal specification and verification. We use class diagrams to specify conceptual system entities and their relationships. We use state-machines to model the protocol execution involving the entities’ interactions. Features of our approach include specifying security princi...
Full text
Analysis of Object-Specific Authorization Protocol (OSAP) using Coloured Petri Nets
The use of Trusted Platform Module (TPM) is becoming increasingly popular in many security systems. To access objects protected by TPM (such as cryptographic keys), several cryptographic protocols, such as the Object Specific Authorization Protocol (OSAP), can be used. Given the sensitivity and the importance of those objects protected by TPM, the security of this protocol is vital. Formal meth...
Full text