63,794 research outputs found
A class of theory-decidable inference systems
Honour roll of the Faculté des études supérieures et postdoctorales, 2004-2005. In the last two decades, the Internet brought a new dimension to communications. It is now possible to communicate with anyone, anywhere, at any time, in a few seconds. While some distributed communications, like e-mail, chat, ..., are rather informal and require no security at all, others, like military or medical information exchange, electronic commerce, ..., are highly formal and require quite strong security.
To achieve security goals in distributed communications, it is common to use cryptographic protocols. However, the informal design and analysis of such protocols are error-prone. Some protocols were shown to be deficient many years after their conception. It is now well known that formal methods are the only hope of designing completely secure cryptographic protocols. This thesis is a contribution in the field of cryptographic protocols analysis in the following way:
• A classification of the formal methods used in cryptographic protocols analysis.
• The use of inference systems to model cryptographic protocols.
• The definition of a class of theory-decidable inference systems.
• The proposition of a decision procedure for a wide class of cryptographic protocols.
Towards Provably-Secure Timed E-Commerce: The Trusted Delivery Layer
Certified exchange of messages is an essential mechanism for e-commerce; the timing aspects (timeouts and timestamps) are very important for practical applications. However, existing formal methods for security analysis assume simplified completely synchronous or completely asynchronous models, and cannot deal with the timing aspects of these (and other e-commerce) protocols. We present a model for realistic, Δ-synchronized adversarial settings. We then present a simple, efficient and provably-secure protocol for certified, time-stamped message delivery, providing precise guarantees of delay and timestamps. Our model and analysis use concrete (rather than asymptotic) notions of security.
Internet Governance: the State of Play
The Global Forum on Internet Governance held by the UNICT Task Force in New York on 25-26 March concluded that Internet governance issues were many and complex. The Secretary-General's Working Group on Internet Governance will have to map out and navigate this complex terrain as it makes recommendations to the World Summit on an Information Society in 2005. To assist in this process, the Forum recommended, in the words of the Deputy Secretary-General of the United Nations at the closing session, that a matrix be developed "of all issues of Internet governance addressed by multilateral institutions, including gaps and concerns, to assist the Secretary-General in moving forward the agenda on these issues." This paper takes up the Deputy Secretary-General's challenge. It is an analysis of the state of play in Internet governance in different forums, with a view to showing: (1) what issues are being addressed (2) by whom, (3) what are the types of consideration that these issues receive and (4) what issues are not adequately addressed
Model Checking Security Protocols: A Multiagent System Approach
Security protocols specify the communication required to achieve security objectives, e.g., data-privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting, etc. Formal verification is used to discover protocol-design flaws. In this thesis, we use a multiagent systems approach built on temporal-epistemic logic to model and analyse a bounded number of concurrent sessions of authentication and key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness of classical, trace-based frameworks by mapping each protocol requirement into a hierarchy of temporal-epistemic formulae. To automate our methodology, we design and implement a tool called PD2IS. From a high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic specifications of the protocol's goals. This output is verified with the model checker MCMAS. We benchmark our methodology on various protocols drawn from standard repositories. We extend our approach to formalise protocols described by equations of cryptographic primitives. The core of this extension is an indistinguishability relation to accommodate the underlying protocol equations. Based on this relation, we introduce a knowledge modality and an algorithm to model check multiagent systems against it. These techniques are applied to verify e-voting protocols. Furthermore, we develop our methodology towards intrusion-detection techniques. We introduce the concept of detectability, i.e., the ability of protocol participants to detect jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support detectability analysis. We model check several attack-prone protocols against their detectability specifications.
A language for information commerce processes
Automatizing information commerce requires languages to represent the typical information commerce processes. Existing languages and standards cover either only very specific types of business models or are too general to capture in a concise way the specific properties of information commerce processes. We introduce a language that is specifically designed for information commerce. It can be directly used for the implementation of the processes and communication required in information commerce. It allows covering existing business models that are known either from standard proposals or existing information commerce applications on the Internet. The language has a concise logical semantics. In this paper we present the language concepts and an implementation architecture.