A Component-Based Approach to Security Protocol Design - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2011

A Component-Based Approach to Security Protocol Design

N. Nobelis
  • Fonction : Auteur
K. Boudaoud
  • Fonction : Auteur
C. Delettre
  • Fonction : Auteur

Résumé

Electronic document transfer is a key operation in many of today's most important applications (workflow, e-commerce, etc.). Each of these applications requires different security properties and constraints. Numerous communication protocols have been designed offering a set of security properties through the use of cryptographic tools. However, there is no clear match between the tools used and security properties they offer. In this paper, we propose to use a component-based approach to secure electronic document transfer. We introduce software components as "high-level security components", where each component provides an atomic security property such as integrity, confidentiality or authenticity. With this approach, a protocol developer is able to easily enhance an existing protocol by adding a specific security component providing a specific security property. Moreover, it will be easy to design new protocols to fulfil any specific set of security properties by assembling the appropriate components. At the same time, a user using a protocol designed with these security components will have the assurance and certification that the protocol satisfies the security properties required for the electronic document transfer at hand. Our approach is validated by showing how an integrity property can be added to the HTTP protocol to design a security property-centric HTTP and in this case an integrity-only HTTP.
Fichier non déposé

Dates et versions

hal-01342279 , version 1 (05-07-2016)

Identifiants

Citer

N. Nobelis, K. Boudaoud, C. Delettre, Michel Riveill. A Component-Based Approach to Security Protocol Design. IEEE Workshops of International Conference on Advanced Information Networking and Applications (WAINA), 2011, May 2011, Singapour, Singapore. pp.279 - 284, ⟨10.1109/WAINA.2011.34⟩. ⟨hal-01342279⟩
67 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More