A Component-Based Approach to Security Protocol Design

Abstract : Electronic document transfer is a key operation in many of today's most important applications (workflow, e-commerce, etc.). Each of these applications requires different security properties and constraints. Numerous communication protocols have been designed offering a set of security properties through the use of cryptographic tools. However, there is no clear match between the tools used and security properties they offer. In this paper, we propose to use a component-based approach to secure electronic document transfer. We introduce software components as "high-level security components", where each component provides an atomic security property such as integrity, confidentiality or authenticity. With this approach, a protocol developer is able to easily enhance an existing protocol by adding a specific security component providing a specific security property. Moreover, it will be easy to design new protocols to fulfil any specific set of security properties by assembling the appropriate components. At the same time, a user using a protocol designed with these security components will have the assurance and certification that the protocol satisfies the security properties required for the electronic document transfer at hand. Our approach is validated by showing how an integrity property can be added to the HTTP protocol to design a security property-centric HTTP and in this case an integrity-only HTTP.
Type de document :
Communication dans un congrès
IEEE Workshops of International Conference on Advanced Information Networking and Applications (WAINA), 2011, May 2011, Singapour, Singapore. pp.279 - 284, <http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5763642>. <10.1109/WAINA.2011.34>
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-01342279
Contributeur : Michel Riveill <>
Soumis le : mardi 5 juillet 2016 - 16:15:49
Dernière modification le : mercredi 6 juillet 2016 - 01:04:53

Identifiants

Collections

Citation

N. Nobelis, K. Boudaoud, C. Delettre, Michel Riveill. A Component-Based Approach to Security Protocol Design. IEEE Workshops of International Conference on Advanced Information Networking and Applications (WAINA), 2011, May 2011, Singapour, Singapore. pp.279 - 284, <http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5763642>. <10.1109/WAINA.2011.34>. <hal-01342279>

Partager

Métriques

Consultations de la notice

24