Connector-Based Software Development: Deriving Secure Protocols

  • Dusko Pavlovic
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4085)


While most branches of engineering consist of methodologies for building complex systems from simple components, formulating incremental and compositional methods for Security Engineering has been a daunting task: in general, security properties are not preserved under refinement or composition. The reason is that the nondestructive composition operations require that their static assumptions about the environment are maintained; but Security Engineering is concerned with dynamic, adversarial environments, and what happens when the assumptions fail.


Keywords: Secure Protocol; Security Property; Daunting Task; Adversarial Environment; Simple Component



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Dusko Pavlovic, Kestrel Institute, Palo Alto, USA
