Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Composability of Secrecy

  • Conference paper
  • First Online:
Information Assurance in Computer Networks (MMM-ACNS 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2052))

Abstract

Modularity has been seen to be very useful in system development. Unfortunately, many security properties proposed in the literature are not composable (in contrast to other system properties), which is required to reason about them in a modular way. We present work supporting modular development of secure systems by showing a standard notion of secrecy to be composable wrt. the standard composition in the specification framework Focus (extended with cryptographic primitives). Additionally, the property is preserved under the standard refinement. We consider more fine-grained conditions useful in modular verification of secrecy. Keywords. Network security, cryptographic protocols, secrecy, modularity, composability, refinement, formal specification, computer aided software engineering.

This work was supported by the Studienstiftung des deutschen Volkes and the Computing Laboratory.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abadi, M.: Security protocols and their properties. In: Bauer, F. and Stein-brueggen, R., (eds.): Foundations of Secure Computation. IOS Press, 2000

    Google Scholar 

  2. Abadi, M. and Gordon, A.D.: A calculus for cryptographic protocols: The spificalculus. Information and Computation, 148(1):1–70 (January 1999)

    Article  MATH  MathSciNet  Google Scholar 

  3. Abadi, M. and Jan Jürjens: Formal eavesdropping and its computational interpretation, 2000. Submitted

    Google Scholar 

  4. Apostolopoulos, V., Peris, V., and Saha, D.: Transport layer security: How much does it really cost? In: Conference on Computer Communications (IEEE Infocom). New York (March 1999)

    Google Scholar 

  5. Broy, M. and Stølen, K.: Specification and Development of Interactive Systems. Springer (2000) (to be published)

    Google Scholar 

  6. Cardelli, L., Ghelli, G., and Gordon, A.: Secrecy and group creation. In: CONCUR 2000. (2000) 365–379

    Google Scholar 

  7. Dolev, D. and Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory, 29(2):198–208 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  8. Huber, F., Molterer, S., Rausch, A., Schätz, B., Sihling, M., and Slotosch, O.: Tool supported Specification and Simulation of Distributed Systems. In: International Symposium on Software Engineering for Parallel and Distributed Systems. (1998) 155–164

    Google Scholar 

  9. Jan Jürjens: Secure information flow for concurrent processes. In: CONCUR 2000 (11th International Conference on Concurrency Theory), Vol. 1877 of LNCS. Pennsylvania, Springer (2000) 395–409

    Chapter  Google Scholar 

  10. Jan Jürjens: Object-oriented modelling of audit security for smart-card payment schemes. In: Paradinas, P., (ed.): IFIP/SEC 2001 — 16th International Conference on Information Security, Paris, (11–13 June 2001) Kluwer

    Google Scholar 

  11. Jan Jürjens: Secrecy-preserving refinement. In: Formal Methods Europe (International Symposium), LNCS. Springer (2001)

    Google Scholar 

  12. Jan Jürjens: Towards development of secure systems using UML. In: Huffmann, H., (ed.): Fundamental Approaches to Software Engineering (FASE/ETAPS, International Conference), LNCS. Springer (2001)

    Google Scholar 

  13. Jan Jürjens and Guido Wimmel: Specification-based testing of firewalls. Submitted (2001)

    Google Scholar 

  14. Lotz, V.: Threat scenarios as a means to formally develop secure systems. Journal of Computer Security 5 (1997) 31–67

    Google Scholar 

  15. McLean, J.: A general theory of composition for a class of “possibilistic” properties. IEEE Transactions on Software Engineering, 22(1):53–67 (1996)

    Article  Google Scholar 

  16. Meadows, C.: Using traces based on procedure calls to reason about composability. In: IEEE Symposium on Security and Privacy. (1992)

    Google Scholar 

  17. Meadows, C.: Applying the dependability paradigm to computer security. In: New Security Paradigms Workshop. (1995)

    Google Scholar 

  18. Meadows, C.: Formal verification of cryptographic protocols: A survey. In: Asiacrypt 96. (1996)

    Google Scholar 

  19. Meadows, C.: Open issues in formal methods for cryptographic protocol analysis. In: DISCEX. IEEE (2000)

    Google Scholar 

  20. Millen, J.: Hookup security for synchronous machines. In: Computer Security Foundations Workshop III. IEEE Computer Society (1990)

    Google Scholar 

  21. Pitzmann, B.: Higher cryptographic protocols, 1998. Lecture Notes, Universität des Saarlandes

    Google Scholar 

  22. Pohl, H. and Weck G., (eds.): Internationale Sicherheitskriterien. Oldenbourg Verlag (1993)

    Google Scholar 

  23. Ryan, P. and Schneider, S.: Process algebra and non-interference. In: IEEE Computer Security Foundations Workshop. (1999)

    Google Scholar 

  24. Sewell, P. and Vitek, J.: Secure composition of untrusted code: Wrappers and causality types. In: CSFW. (2000)

    Google Scholar 

  25. Varadharajan, V.: Hook-up property for information flow secure nets. In: CSFW. (1991)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computing Laboratory, University of Oxford, GB, USA

    Jan Jürjens

Authors
  1. Jan Jürjens
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS), SPIIRAS, 39, 14th Liniya, St. Petersburg, Russia, 199178

    Vladimir I. Gorodetski

  2. Watson Schoolof Engineering, Binghamton University, Binghamton, NY, 13902, USA

    Victor A. Skormin

  3. Air Force Research Laboratory, Defensive Information Warfare Branch, 525 Brooks Road, Rome, NY, 13441-4505, Italy

    Leonard J. Popyack

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jürjens, J. (2001). Composability of Secrecy. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds) Information Assurance in Computer Networks. MMM-ACNS 2001. Lecture Notes in Computer Science, vol 2052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45116-1_6

Download citation

  • DOI: https://doi.org/10.1007/3-540-45116-1_6

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42103-0

  • Online ISBN: 978-3-540-45116-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation