Abstract
The implementation of security protocols is challenging and error-prone. A model-driven development approach allows the automatic generation of an application from a simpler, abstract model that can be formally verified. Our AnBx compiler is a tool for the automatic generation of Java code for security protocols specified in the Alice&Bob notation. In contrast with existing tools, it uses a simpler specification language and computes the consistency checks that agents have to perform on reception of messages. Moreover, the tool applies various optimization strategies to achieve efficiency at both compile time and run time.
Keywords
- security protocols
- code generation
- applied formal methods
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Modesti, P. (2014). Efficient Java Code Generation of Security Protocols Specified in AnB/AnBx. In: Mauw, S., Jensen, C.D. (eds) Security and Trust Management. STM 2014. Lecture Notes in Computer Science, vol 8743. Springer, Cham. https://doi.org/10.1007/978-3-319-11851-2_17
DOI: https://doi.org/10.1007/978-3-319-11851-2_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11850-5
Online ISBN: 978-3-319-11851-2
eBook Packages: Computer Science, Computer Science (R0)