โ Scribed by Qingfeng Chen, Chengqi Zhang, Shichao Zhang
No coin nor oath required. For personal study only.
The application of formal methods to security protocol analysis has attracted increasing attention in the past two decades, and recently has been sh- ing signs of new maturity and consolidation. The development of these formal methodsismotivatedbythehostilenatureofsomeaspectsofthenetworkand the persistent e?orts of intruders, and has been widely discussed among - searchers in this ?eld. Contributions to the investigation of novel and e?cient ideas and techniques have been made through some important conferences and journals, such asESORICS,CSFW andACM Transactions in Computer Systems. Thus, formal methods have played an important role in a variety of applications such as discrete system analysis for cryptographic protocols, - lief logics and state exploration tools. A complicated security protocol can be abstractedasamanipulationofsymbolsandstructurescomposedbysymbols. The analysis of e-commerce (electronic commerce) protocols is a particular case of such symbol systems. There have been considerable e?orts in developing a number of tools for ensuring the security of protocols, both specialized and general-purpose, such as belief logic and process algebras. The application of formal methods starts with the analysis of key-distribution protocols for communication between two principals at an early stage. With the performance of transactions - coming more and more dependent on computer networks, and cryptography becoming more widely deployed, the type of application becomes more varied and complicated. The emerging complex network-based transactions such as ?nancial transactionsand secure groupcommunication have not only brought innovationstothecurrentbusinesspractice,butthey alsoposeabigchallenge to protect the information transmitted over the open network frommalicious attacks.
Title Page
Preface
Contents
Introduction
What Is Security Protocol?
Needs of Formal Analysis for Secure Transaction Protocols
Formal Methods and Related Areas
Emerging Issues and Trends
A Brief Discussion on the Chapters
Summary
Overview of Security Protocol Analysis
The Formalism
Basic Notations and Terminology
Inference Rules
Security Protocols
SET Protocol
Netbill Protocol
Security Services
Principles of Cryptography
Threats in Security Protocols
Research into Analysis of Security Protocols
A Discussion of Formal Methods and Security Protocols
A Brief Introduction to Protocol Abstraction
A Classification of Approaches for Protocol Analysis
Attack-Construction Approach
Approaches by Dolev and Yao
NRL Protocol Analyser
Inference-Construction Approach
BAN Logic
Extensions to BAN Logic
Proof-Construction Approach
Approaches Using Formal Tools and Specification Languages
Summary
Formal Analysis of Secure Transaction Protocols
Introduction
Research into Verifying Electronic Transaction Protocols
Formalism for Protocol Analysis Using Process Calculi
Formal Analysis Using an Observational Transition System
Formal Analysis of Card-Based Payment Systems in Mobile Devices
A Computational Model
Basic Terms and Statements
Logical Framework and Statement of ENDL
Axiom
Inference Rules
Inference Format
Verification Instances of Security Protocols in ENDL
Summary
Model Checking in Security Protocol Analysis
An Overview of Model Checking in Analysing E-Commerce Protocols
Model Checking for Failure Analysis of Protocols
Automatic Analysis of E-commerce Protocols Using UML
An ENDL-Based Verification Model
Components
Designing the Model
Handling the Knowledge and Facts
Recognition
Comparison with Theorem Proving
Discussion
Summary
Uncertainty Issues in Secure Messages
Introduction
Estimation of Inconsistency of Secure Messages
Related Work
Semantics Description
Measuring Inconsistency in Secure Messages
Examples of Measuring Inconsistency
Experiments
Integration of Conflicting Beliefs in Secure Messages
Related Work
Basic Concepts
Handling Inconsistent Beliefs in Secure Messages
Experiments
Summary
Applications of Data Mining in Protocol Analysis
Introduction
Related Work
Basic Concepts
Association Rule Mining for Inconsistent Secure Messages
The Basics of Association Rule Mining
Data Preparation
Identifying Association Rules of Interest
Algorithms and Experiments
Algorithms
Experiments
Summary
Detection Models of Collusion Attacks
Introduction
Related Work
Identification of Frequent Patterns for Collusion Attack Detection
Basic Concepts
A Framework to Detect Collusion Attacks
Dealing with Knowledge and Facts
A Case Study
Estimation of the Probability of Collusion Attacks
Motivations
Preliminaries
Identifying Collusion Attack Using Bayesian Network
Experiments
Summary
Conclusion and Future Works
Conclusion
Future Work
References
Index
๐ SIMILAR VOLUMES
<p><P>The present volume arose from the need for a comprehensive coverage of the state of the art in security protocol analysis. It aims to serve as an overall course-aid and to provide self-study material for researchers and students in formal methods theory and applications in e-commerce, data ana
<span>The LNCS journal Transactions on Computational Systems Biology is devoted to inter- and multidisciplinary research in the fields of computer science and life sciences and supports a paradigmatic shift in the techniques from computer and information science to cope with the new challenges arisi
<p><span>This book constitutes the proceedings of the 5th International Conference on Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification, RSSRail 2023, held in Berlin, Germany, during October 10โ12, 2023.</span></p><p><span>The 13 full papers p
<span>Security is a rapidly growing area of computer science, with direct and increasing relevance to real life applications such as Internet transactions, electronic commerce, information protection, network and systems integrity, etc. This volume presents thoroughly revised versions of lectures gi
<p><span>Formal concept analysis has been developed as a field of applied mathematics based on the mathematization of concept and concept hierarchy. It thereby allows us to mathematically represent, analyze, and construct conceptual structures. The formal concept analysis approach has been proven su