Connector-Based Software Development: Deriving Secure Protocols
While most branches of engineering consist of methodologies for building complex systems from simple components, formulating incremental and compositional methods for Security Engineering has been a daunting task: in general, security properties are not preserved under refinement or composition. The reason is that the nondestructive composition operations require that their static assumptions about the environment are maintained; but Security Engineering is concerned with dynamic, adversarial environments, and what happens when the assumptions fail.
Keywords: Secure Protocol, Security Property, Daunting Task, Adversarial Environment, Simple Component