Security Modelling for Electronic Commerce: The Common Electronic Purse Specifications
نویسندگان
چکیده
Designing security-critical systems correctly is very difficult. We present work on software engineering of security critical systems, supported by the CASE tool AUTOFOCUS. Security critical systems are specified with extended structure diagrams, message sequence charts for the protocols and statecharts for the attacker, translated into an AUTOFOCUS system model and examined for security weaknesses using model checking. Additionally, the specifications could be simulated or tested which is a first step towards integration of cryptographic primitives, intuitive graphical modelling, simulation and model checking. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), and comment on potential of vulnerability and consequences for the design.
منابع مشابه
The Presentation of an Ideal Safe SMS based model in mobile Electronic commerce using Encryption hybrid algorithms AES and ECC
Mobile commerce is whatever electronic transfer or transaction via a mobile modem through a mobile net in which the true value or advance payment is done for goods, services or information. A mobile payment system should be beneficial for all related persons. For a payment system to be a Successful system, End-user, seller, exporter and operators should see a additional value in it. End-user ...
متن کاملElectronic Commerce, Automation and Online Banking in Nigeria: Challenges and Benefits
Electronic banking has been around for some time in the form of automatic teller machines and telephone transactions but with the advent of internet, more publicity has been witnessed. This issue of internet has equally given a new look to their transactions and mode of product delivery in banking services for the benefits of both the customers and the banks. The objective of this paper is to f...
متن کاملFeasibility of Electronic Commerce at Cooperative in Gilan Province to Select an Appropriate E-Commerce Model by Using Fuzzy Analysis Network Process
Electronic commerce as one of the most important of Innovation aspects in the process of doing business is used by many organizations and companies in the world. Cooperatives as the main part of the country's economy have fundamental role in improving and promoting of economic. Therefore, innovation methods and tools, new processes and perform business tasks such as e-commerce will play an i...
متن کاملFeasibility of Electronic Commerce at Cooperative in Gilan Province to Select an Appropriate E-Commerce Model by Using Fuzzy Analysis Network Process
Electronic commerce as one of the most important of Innovation aspects in the process of doing business is used by many organizations and companies in the world. Cooperatives as the main part of the country's economy have fundamental role in improving and promoting of economic. Therefore, innovation methods and tools, new processes and perform business tasks such as e-commerce will play an i...
متن کاملFormally Testing Fail-Safety of Electronic Purse Protocols
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of securitycritical systems using the CASE tool AutoFocus. Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus...
متن کامل