External Consistency and the Verification of Security Protocols

Position Paper
Simon N. Foley
Conference paper, part of the Lecture Notes in Computer Science book series (LNCS, volume 1550).


The notion of external consistency—that system state correctly reflects the real world—provides a basis for a denotational definition of integrity. We regard segregation of duties, well-formed transactions, auditing, replication, message authentication codes (MACs), and so forth, as simply implementation techniques: they define how to achieve this notion of integrity in an operational sense. Therefore, we argue that when a designer claims that a system is fault-tolerant, or that a protocol properly authenticates, or that a system is secure against fraud, then what the designer is actually claiming is that it is externally consistent. An advantage of taking this view is that it allows us to give a meaning to the ‘security’ of a system that uses a combination of these implementation techniques.
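The following is an added illustration of the abstract's claim, not code or formalism from Foley's paper. It models external consistency as a single predicate relating the real world to the system state, and then shows two otherwise unrelated implementation techniques named in the abstract, a MAC on messages crossing an untrusted channel and replication with majority vote, both making that one predicate hold: the MAC against a forged message injected on the wire, replication against a faulty replica. The events, the key, the account names and the bit-flip fault are all constructed for the example.

```python
"""Added illustration of external consistency; not code from Foley's paper.

One denotational property (externally_consistent) is achieved by two different
operational techniques: a MAC that rejects forged messages, and replication
with a majority vote that masks a faulty replica. All data is constructed.
"""
import hashlib
import hmac
from collections import Counter

# The "real world": the events that actually happened (constructed sample).
REAL_EVENTS = [
    ("deposit", "alice", 100),
    ("withdraw", "alice", 30),
    ("deposit", "bob", 50),
]


def fold(events, state=None):
    """Replay events onto a balance table; this is the system's operational rule."""
    state = dict(state or {})
    for kind, who, amount in events:
        state[who] = state.get(who, 0) + (amount if kind == "deposit" else -amount)
    return state


def externally_consistent(system_state, real_events=REAL_EVENTS):
    """The denotational property: recorded balances equal what really happened."""
    return system_state == fold(real_events)


# --- Technique 1: a MAC on each event message crossing an untrusted channel ---
KEY = b"constructed-demo-key"  # shared by sender and ledger; a placeholder, not a real key


def tag(event):
    return hmac.new(KEY, repr(event).encode(), hashlib.sha256).digest()


def send(events):
    return [(event, tag(event)) for event in events]


def inject_forgery(messages):
    """Adversary on the wire appends an event it made up; lacking KEY, it guesses a tag."""
    forged = ("deposit", "mallory", 1000)
    return messages + [(forged, b"\x00" * 32)]


def ledger_trusting_channel(messages):
    """Applies every received event; integrity rests on the channel alone."""
    return fold([event for event, _ in messages])


def ledger_checking_mac(messages):
    """Applies only events whose tag verifies; returns the state and the rejects."""
    accepted, rejected = [], []
    for event, received_tag in messages:
        ok = hmac.compare_digest(received_tag, tag(event))
        (accepted if ok else rejected).append(event)
    return fold(accepted), rejected


# --- Technique 2: replication with majority vote, against a faulty replica ---
def replicate(events, n=3, faulty=()):
    """Each replica folds the same events; a faulty one corrupts alice's balance."""
    states = []
    for i in range(n):
        state = fold(events)
        if i in faulty:
            state["alice"] ^= 0x40  # constructed bit-flip fault in one replica
        states.append(state)
    return states


def majority_state(states):
    """Per account, keep the value a strict majority of replicas agree on."""
    result = {}
    for who in states[0]:
        value, votes = Counter(state[who] for state in states).most_common(1)[0]
        if votes * 2 > len(states):
            result[who] = value
    return result


if __name__ == "__main__":
    wire = inject_forgery(send(REAL_EVENTS))
    print("trusting channel consistent:", externally_consistent(ledger_trusting_channel(wire)))
    state, rejects = ledger_checking_mac(wire)
    print("checking MAC consistent:", externally_consistent(state), "rejected:", rejects)
    one_faulty = majority_state(replicate(REAL_EVENTS, faulty=(2,)))
    print("3 replicas, 1 faulty, consistent:", externally_consistent(one_faulty))
    two_faulty = majority_state(replicate(REAL_EVENTS, faulty=(1, 2)))
    print("3 replicas, 2 faulty, consistent:", externally_consistent(two_faulty))
```

The point of the example is that `externally_consistent` never changes: the MAC ledger and the replicated ledger are judged by the same predicate, which is the abstract's argument for treating MACs and replication as implementation techniques rather than as definitions of integrity. The last case also shows the limit of one technique in those same terms: with two of three replicas faulty the majority follows the fault and the predicate fails.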





Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

Simon N. Foley, Centre for Communications Systems Research, University of Cambridge, Cambridge, UK
