Abstract
We present a uniform approach for the definition and the analysis of various security properties. It is based on the general idea that a security property should be satisfied even in the presence of a hostile environment. This principle determines a family of strong properties which are resistant to every external attack, but are quite impractical to check, since they quantify over all possible intruders. For this reason, we identify some general conditions under which a property needs to be checked only against a "most powerful" intruder. We show that the results of our theory can be easily applied to a number of existing security properties that can be rephrased in our setting. This shows the generality of the approach and allows us to find some interesting relations among properties which have been proposed for different security issues.
Work partially supported by CNR, Progetto Strategico "Modelli e Metodi per la Matematica e l'Ingegneria" and by MURST Progetto "Tecniche Formali per la Specifica, l'Analisi, la Verifica e la Trasformazione dei Sistemi Software".
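The abstract's central idea, "a property holds if it holds in the presence of every hostile environment, and under suitable conditions it is enough to check a single most powerful intruder", can be illustrated with a small trace-based model. The following Python is an added example written for this page; it is a toy, not the paper's formal definitions. It assumes (as an illustration) that systems are finite labelled transition systems, that the intruder controls a fixed set C of channels on which it synchronises with the system, that C is hidden from the observer, and that the property is a trace safety property ("no observable trace contains a forbidden action"). The tiny login service, its debug back door and the channel names are all constructed for the example.

```python
"""Toy model of 'secure against every intruder' vs. 'secure against Top'.

Constructed illustration for this page; not the formalism of the paper.
Assumptions (all ours): systems are finite LTSs, the intruder acts only on a
channel set C and synchronises with the system on C, C is hidden from the
observer, and the property is a trace safety property.
"""
from itertools import product
from typing import Callable, Dict, FrozenSet, List, Optional, Set, Tuple

Trace = Tuple[str, ...]
LTS = Dict[int, List[Tuple[str, int]]]  # state -> [(action, next_state)]


def traces(lts: LTS, start: int, depth: int) -> Set[Trace]:
    """All traces of length <= depth from `start` (prefix-closed by construction)."""
    result: Set[Trace] = {()}
    frontier = [((), start)]
    for _ in range(depth):
        nxt = []
        for t, s in frontier:
            for a, s2 in lts.get(s, []):
                t2 = t + (a,)
                result.add(t2)
                nxt.append((t2, s2))
        frontier = nxt
    return result


def restrict(t: Trace, keep: Callable[[str], bool]) -> Trace:
    return tuple(a for a in t if keep(a))


def prefixes(seq: Trace) -> Set[Trace]:
    return {seq[:i] for i in range(len(seq) + 1)}


def compose_hide(sys_traces: Set[Trace], attacker: Optional[Set[Trace]],
                 C: FrozenSet[str]) -> Set[Trace]:
    """Observable traces of (S ||_C X) \\ C.

    S and X synchronise on C, then C is hidden.  `attacker` is X's
    prefix-closed trace set; None stands for the most powerful intruder
    Top_C, which is willing to perform any sequence of C-actions.
    """
    out: Set[Trace] = set()
    for t in sys_traces:
        on_c = restrict(t, lambda a: a in C)
        if attacker is None or on_c in attacker:
            out.add(restrict(t, lambda a: a not in C))
    return out


def holds(observable: Set[Trace], forbidden: str) -> bool:
    """Trace safety property: the forbidden action never becomes observable."""
    return all(forbidden not in t for t in observable)


def sequential_attackers(C: FrozenSet[str], depth: int):
    """Every intruder that commits to one sequence of C-actions (up to depth)."""
    for n in range(depth + 1):
        for seq in product(sorted(C), repeat=n):
            yield prefixes(seq)


def check_against_all(lts: LTS, C: FrozenSet[str], forbidden: str, depth: int) -> bool:
    """The 'strong' definition: quantify over every hostile environment."""
    st = traces(lts, 0, depth)
    return all(holds(compose_hide(st, x, C), forbidden)
               for x in sequential_attackers(C, depth))


def check_against_top(lts: LTS, C: FrozenSet[str], forbidden: str, depth: int) -> bool:
    """The practical check: one run against the most powerful intruder."""
    return holds(compose_hide(traces(lts, 0, depth), None, C), forbidden)


def inclusion_lemma_holds(lts: LTS, C: FrozenSet[str], depth: int) -> bool:
    """Why Top suffices for safety: every X yields a subset of Top's observations."""
    st = traces(lts, 0, depth)
    top = compose_hide(st, None, C)
    return all(compose_hide(st, x, C) <= top for x in sequential_attackers(C, depth))


# Constructed example: a login service whose debug channel dumps a secret.
C = frozenset({"recv_pwd_ok", "recv_pwd_bad", "recv_debug"})  # intruder-controlled
SECRET_LEAK = "dump_secret"
LOGIN_DEBUG: LTS = {
    0: [("recv_pwd_ok", 1), ("recv_pwd_bad", 2), ("recv_debug", 3)],
    1: [("grant", 0)],
    2: [("deny", 0)],
    3: [(SECRET_LEAK, 0)],  # back door reachable by anyone who can send recv_debug
}
LOGIN_FIXED: LTS = {
    0: [("recv_pwd_ok", 1), ("recv_pwd_bad", 2)],
    1: [("grant", 0)],
    2: [("deny", 0)],
}

if __name__ == "__main__":
    for name, lts in (("LOGIN_DEBUG", LOGIN_DEBUG), ("LOGIN_FIXED", LOGIN_FIXED)):
        print(name, "all intruders:", check_against_all(lts, C, SECRET_LEAK, 4),
              "Top only:", check_against_top(lts, C, SECRET_LEAK, 4))
```

Restricting the brute-force check to intruders that commit to a single sequence is enough here because the observations produced by a set of intruder traces are the union of those produced by each trace, and a safety property is closed under subsets; the inclusion lemma is what makes the single check against Top equivalent to the quantification over all of them. Properties that are not subset-closed (for instance equivalence-based ones) need extra conditions of the kind the paper states, which this toy does not model.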
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
Cite this paper
Focardi, R., Martinelli, F. (1999). A Uniform Approach for the Definition of Security Properties. In: Wing, J.M., Woodcock, J., Davies, J. (eds) FM’99 — Formal Methods. FM 1999. Lecture Notes in Computer Science, vol 1708. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48119-2_44
DOI: https://doi.org/10.1007/3-540-48119-2_44
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66587-8
Online ISBN: 978-3-540-48119-5