Abstract
In this paper, we propose a new method for the analysis that uses intuition of the analyst in a structured way. First we define entity authentication in terms of fine level authentication goals (FLAGs). Then we use some relevant structures in protocol narrations and use them to justify FLAGs for the protocol. All along this process, we discover vulnerabilities and unstated assumptions of the protocol.
As the method is intuition based, the quality of results depends on the expertise of the security analyst, however, the structured intuition has two major advantages: Firstly we get a precise specification of security in terms of FLAGs; and secondly the outcome can be used to transform
basic protocol narrations into more detailed specifications, which makes a subsequent formal analysis much more meaningful.
| Original language | English |
|---|---|
| Title of host publication | Technical Report on NODES10 Proceedings |
| Publication date | 2010 |
| Publication status | Published - 2010 |
| Event | 4th Nordic Workshop on Dependability and Security - Copenhagen, Denmark Duration: 22 Apr 2010 → 23 Apr 2010 Conference number: 4 |
Conference
| Conference | 4th Nordic Workshop on Dependability and Security |
|---|---|
| Number | 4 |
| Country/Territory | Denmark |
| City | Copenhagen |
| Period | 22/04/2010 → 23/04/2010 |