Modeling and analysis of security protocols using role based specifications and Petri nets

Abstract : In this paper, we introduce a framework composed of a syntax and its compositional Petri net semantics, for the specification and verification of properties (like authentication) of security protocols. The protocol agents (e.g., an initiator, a responder, a server, a trusted third party, ...) are formalized as roles, each of them having a predefined behavior depending on their global and also local knowledge (including for instance public, private and shared keys), and may interact in a potentially hostile environment. The main characteristics of our framework, is that it makes explicit, structured and formal, the usually implicit information necessary to analyse the protocol, for instance the public and private context of execution. The roles and the environment are expressed using SPL processes and compositionally translated into high-level Petri nets, while the context specifying the global and local knowledge of the participants in the protocol is used to generate the corresponding initial marking (with respect to the studied property). Finally, this representation is used to analyse the protocol properties, applying techniques of simulation and model-checking on Petri nets. The complete approach is illustrated on the case study of the Kao-Chow authentication protocol.
Type de document :
Communication dans un congrès
International Conference on Application and Theory of Petri Nets (ICATPN'08), Jun 2008, Xi'an, China. Springer Berlin / Heidelberg, 5062, pp.72--91, 2008, Lecture Notes in Computer Science. 〈10.1007/978-3-540-68746-7_9〉
Liste complète des métadonnées

Littérature citée [31 références]  Voir  Masquer  Télécharger

https://hal.archives-ouvertes.fr/hal-00340476
Contributeur : Frédéric Davesne <>
Soumis le : dimanche 16 février 2014 - 15:52:24
Dernière modification le : jeudi 13 décembre 2018 - 09:46:03
Document(s) archivé(s) le : vendredi 16 mai 2014 - 10:35:11

Fichier

BDKPP-PN-2008.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Roland Bouroulet, Raymond Devillers, Hanna Klaudel, Elisabeth Pelz, Franck Pommereau. Modeling and analysis of security protocols using role based specifications and Petri nets. International Conference on Application and Theory of Petri Nets (ICATPN'08), Jun 2008, Xi'an, China. Springer Berlin / Heidelberg, 5062, pp.72--91, 2008, Lecture Notes in Computer Science. 〈10.1007/978-3-540-68746-7_9〉. 〈hal-00340476〉

Partager

Métriques

Consultations de la notice

466

Téléchargements de fichiers

104