Final Report of Grant GR/S98139/01: Automated Analysis of Security Critical Systems
نویسندگان
چکیده
The aim of the project was to investigate the application of security protocol analysis techniques to security APIs. Security protocols are short programs that describe the secure exchange of information over an insecure network, using cryptography. Security APIs are the Application Program Interfaces of tamper-resistant hardware security modules, commonly used in security critical applications such as cash machines (ATMs). Security protocol analysis has been the subject of intensive research by the formal methods community over the last 20 years, but the use of these techniques for analysing APIs had not been attempted prior to our proposal. In the early 2000s, a number of powerful attacks on APIs currently in use in the banking network were discovered as the result of pain-staking manual analysis by expert researchers. Hence the aim of this project was to develop techniques to automate the analysis of APIs, taking security protocol analysis as a starting point.
منابع مشابه
Image flip CAPTCHA
The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...
متن کاملFinal Report GR/M70186/01 Imaging the Photofragmentation of Molecular Ions
Proposal GR/M70186 followed fairly close on the heels of a related funding application (GR/M20402). GR/M20402 sought modest equipment/consumables funding to allow a number of modifications to an existing ion imaging apparatus, plus a contribution towards the salary of a technician and a project studentship. In the event, all bar the studentship was awarded. This decision was seemingly based on ...
متن کاملA Lightweight Privacy-preserving Authenticated Key Exchange Scheme for Smart Grid Communications
Smart grid concept is introduced to modify the power grid by utilizing new information and communication technology. Smart grid needs live power consumption monitoring to provide required services and for this issue, bi-directional communication is essential. Security and privacy are the most important requirements that should be provided in the communication. Because of the complex design of s...
متن کاملCost Function Modelling for Semi-automated SC, RTG and Automated and Semi-automated RMG Container Yard Operating Systems
This study analyses the concept of cost functions for semi-automated Straddle Carrier (SC), Rubber Tyred Gantry (RTG) and automated Rail Mounted Gantry (RMG) container yard operating cranes. It develops a generic cost based model for a pair-wise comparison, analysis and evaluation of economic efficiency and effectiveness of container yard equipment to be used for decision-making by terminal pla...
متن کامل