Adaptable Authentication Model: Exploring Security with Weaker Attacker Models

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2012

Standard

Adaptable Authentication Model: Exploring Security with Weaker Attacker Models. / Ahmed, Naveed; Jensen, Christian D.

In: Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. Springer, 2011. p. 234-247 (Lecture Notes in Computer Science, Vol. 6542).

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2012

Harvard

Ahmed, N & Jensen, CD 2011, 'Adaptable Authentication Model: Exploring Security with Weaker Attacker Models'. in: Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. Springer, pp. 234-247. Lecture Notes in Computer Science, vol. 6542

APA

Ahmed, N., & Jensen, C. D. (2011). Adaptable Authentication Model: Exploring Security with Weaker Attacker Models. In: Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. (pp. 234-247). Springer. (Lecture Notes in Computer Science, Vol. 6542).

CBE

Ahmed N, Jensen CD. 2011. Adaptable Authentication Model: Exploring Security with Weaker Attacker Models. In Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. Springer. pp. 234-247. (Lecture Notes in Computer Science, Vol. 6542).

MLA

Ahmed, Naveed and Christian D.Jensen "Adaptable Authentication Model: Exploring Security with Weaker Attacker Models". In: Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. Springer. 2011. 234-247. (Lecture Notes in Computer Science, ???volume??? 6542).

Vancouver

Ahmed N, Jensen CD. Adaptable Authentication Model: Exploring Security with Weaker Attacker Models. In: Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. Springer. 2011. p. 234-247. (Lecture Notes in Computer Science, Vol. 6542).

Author

Ahmed, Naveed; Jensen, Christian D. / Adaptable Authentication Model: Exploring Security with Weaker Attacker Models.

In: Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011 Madrid, Spain, February 9-10, 2011 Proceedings. Springer, 2011. p. 234-247 (Lecture Notes in Computer Science, Vol. 6542).

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2012

Bibtex

@inbook{e74213d0cef9483d9e83736ae69cf78b,
title = "Adaptable Authentication Model: Exploring Security with Weaker Attacker Models",
publisher = "Springer",
author = "Naveed Ahmed and Jensen, {Christian D.}",
year = "2011",
isbn = "978-3-642-19124-4",
series = "Lecture Notes in Computer Science",
pages = "234-247",
booktitle = "Engineering Secure Software and Systems",

}

RIS

TY - GEN

T1 - Adaptable Authentication Model: Exploring Security with Weaker Attacker Models

A1 - Ahmed,Naveed

A1 - Jensen,Christian D.

AU - Ahmed,Naveed

AU - Jensen,Christian D.

PB - Springer

PY - 2011

Y1 - 2011

N2 - Most methods for protocol analysis classify protocols as “broken” if they are vulnerable to attacks from a strong attacker, e.g., assuming the Dolev-Yao attacker model. In many cases, however, exploitation of existing vulnerabilities may not be practical and, moreover, not all applications may suffer because of the identified vulnerabilities. Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied. We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications where one may need to trade-off security relaxations against resource requirements.

AB - Most methods for protocol analysis classify protocols as “broken” if they are vulnerable to attacks from a strong attacker, e.g., assuming the Dolev-Yao attacker model. In many cases, however, exploitation of existing vulnerabilities may not be practical and, moreover, not all applications may suffer because of the identified vulnerabilities. Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied. We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications where one may need to trade-off security relaxations against resource requirements.

U2 - 10.1007/978-3-642-19125-1_18

DO - 10.1007/978-3-642-19125-1_18

SN - 978-3-642-19124-4

BT - Engineering Secure Software and Systems

T2 - Engineering Secure Software and Systems

T3 - Lecture Notes in Computer Science

T3 - en_GB

SP - 234

EP - 247

ER -

Anker Engelunds Vej 1Building 101A2800 Kgs. LyngbyTel +45 45 25 25 25VAT 30 06 09 46EAN