4 research outputs found

    The Delivery and Evidences Layer

    Evidences of delivery are essential for resolving (and avoiding) disputes on delivery of messages, in classical as well as electronic commerce. We present the first rigorous specifications and provably-secure implementation, for a communication layer providing time-stamped evidences for the message delivery process. This improves on existing standards for evidences (‘non-repudiation’) services, based on informal specifications and unproven designs. Our work also improves on the large body of analytical works on tasks related to evidences of delivery, such as certified mail/delivery protocols and fair exchange (of signatures). We improve by addressing practical needs and scenarios, using realistic synchronization and communication assumptions, supporting time-outs and failures, and providing well-defined interface to the higher-layer protocols (application). Furthermore, we use the layered specifications framework, allowing provably-secure use of our protocol, with lower and higher layer protocols, with complete re-use of our analysis (theorems)

    Forensic capabilities for service-oriented architectures

    This report describes a framework to provide on-line forensic capabilities to service oriented architecture via Forensic Web Services (FWS) and runtime execution monitoring. The FWS is a new type of web services to be used by other web services (of an independent agency) to securely maintain transactional records of interest between other web services. The framework uses runtime execution monitoring to search the transactional log for interesting (or suspicious) service invocation sequences to recreate non-repudiable evidence of transactional history for use in a court of law. Contract Number: N6600107WR00222. Approved for public release; distribution is unlimited

    Inter-FSP Funds Transfer Protocol

    The present work introduces the first decentralized secure funds transfer protocol with multiple participants. The protocol guarantees that a participant only loses money if a trusted peer happens to be corrupt. Furthermore, the loss is limited to the amount of credit given to that partner. The protocol supports expiration times for payment orders, and takes into consideration actual network queuing delays. To achieve our goals, we used several models and techniques from the Quality of Service area, to handle delays and avoid the expiration of payment orders. We provide rigorous proofs to the security requirements of the protocol

    The Delivery and Evidences Layer

    No full text
    Abstract. Evidences of delivery are essential for resolving (and avoiding) disputes on delivery of messages, in classical as well as electronic commerce. We present the first rigorous specifications and provably-secure implementation, for a communication layer providing time-stamped evidences for the message delivery process. This improves on existing standards for evidences (‘non-repudiation’) services, based on informal specifications and unproven designs. Our work also improves on the large body of analytical works on tasks related to evidences of delivery, such as certified mail/delivery protocols and fair exchange (of signatures). We improve by addressing practical needs and scenarios, using realistic synchronization and communication assumptions, supporting time-outs and failures, and providing well-defined interface to the higher-layer protocols (application). Furthermore, we use the layered specifications framework, allowing provably-secure use of our protocol, with lower and higher layer protocols, with complete re-use of our analysis (theorems)