Efficient Java Code Generation of Security Protocols Specified in AnB/AnBx

  • Paolo Modesti
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8743)

Abstract

The implementation of security protocols is challenging and error-prone. A model-driven development approach allows the automatic generation of an application, from a simpler and abstract model that can be formally verified. Our AnBx compiler is a tool for automatic generation of Java code of security protocols specified in the Alice&Bob notation. In contrast with existing tools, it uses a simpler specification language and computes the consistency checks that agents have to perform on reception of messages. Moreover, the tool applies various optimization strategies to achieve efficiency both at compile and run time.

Keywords

security protocols, code generation, applied formal methods



Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Paolo Modesti (1)
  1. School of Computing Science, Newcastle University, UK
