GENERATING NETWORK SECURITY PROTOCOL IMPLEMENTATIONS FROM FORMAL SPECIFICATIONS

机译：通过正式规范生成网络安全协议的实现

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

We describe the Spi2Java code generation tool, which we have developed in an attempt to bridge the gap between formal security protocol specification and executable implementation. Implemented in Prolog, Spi2Java can input a formal security protocol specification in a variation of the Spi Calculus, and generate a Java code implementation of that protocol. We give a brief overview of the role of code generation in the wider context of security protocol development. We cover the design and implementation of Spi2Java which we relate to the high integrity code generation requirements identified by Whalen and Heim-dahl. By defining a Security Protocol Implementation API that abstracts cryptographic and network communication functionality we show that protocol logic code can be separated from underlying cryptographic algorithm and network stack implementation concerns. The design of this API is discussed, particularly its support for pluggable implementation providers. Spi2Java's functionality is demonstrated by way of example: we specify the Needham-Schroeder Public Key Authentication Protocol, and Lowe's attack on it, in the Spi Calculus and examine a successful attack run using Spi2Java generated implementation of the protocol roles.

机译：我们描述了Spi2Java代码生成工具，我们开发该工具的目的是弥合形式安全协议规范和可执行程序实现之间的差距。 Spi2Java在Prolog中实现，可以在Spi Calculus的变体中输入正式的安全协议规范，并生成该协议的Java代码实现。我们简要概述了代码生成在安全协议开发的更广泛上下文中的作用。我们介绍了Spi2Java的设计和实现，它与Whalen和Heim-dahl所确定的高完整性代码生成要求有关。通过定义一个抽象加密和网络通信功能的安全协议实现API，我们证明了协议逻辑代码可以与基础加密算法和网络堆栈实现问题分开。讨论了此API的设计，尤其是其对可插拔实现提供程序的支持。通过示例演示Spi2Java的功能：我们在Spi Calculus中指定Needham-Schroeder公钥身份验证协议以及Lowe对它的攻击，并使用Spi2Java生成的协议角色实现检查成功的攻击。

著录项

来源
《IFIP 177; IFIP(International Federation for Information Processing) TC-11 International Workshop on Certification and Security in Inter-Organizational E-Services(CSES), World Computer Congress; 20040822-27; Toulouse(FR)》|2004年|P.33-53|共21页
会议地点 Toulouse(FR)
作者
Benjamin Tobler; Andrew C.M. Hutchison;
展开▼
作者单位

Department of Computer Science, University of Cape Town Private Bag, Rondebosh 7701, South Africa;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全系统学;
关键词
code generation; formal methods; java; process algebra; prolog; security; spi calculus;

机译：代码生成;形式化方法; java;过程代数;序言;安全性; spi演算;

相似文献

外文文献
中文文献
专利

1. A Formal Specification and Verification Framework for Timed Security Protocols [J] . Li Li, Jun Sun, Yang Liu, Software Engineering, IEEE Transactions on . 2018,第8期

机译：定时安全协议的正式规范和验证框架
2. Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification [J] . S. Grizalis, D. Spinellis, P. Georgiadis Computer Communications . 1999,第8期

机译：开放网络和分布式系统上的安全协议：用于分析，设计和验证的正式方法
3. Provably correct Java implementations of Spi Calculus security protocols specifications [J] . Alfredo Pironti, Riccardo Sisto Computers & Security . 2010,第3期

机译：可证明正确的Spi Calculus安全协议规范的Java实现
4. GENERATING NETWORK SECURITY PROTOCOL IMPLEMENTATIONS FROM FORMAL SPECIFICATIONS [C] . Benjamin Tobler, Andrew C.M. Hutchison, International Federation for Information Processing(IFIP), IFIP International Workshop on Certification and Security in Inter-Organizational E-Services, World Computer Congress . 2005

机译：从正式规范生成网络安全协议实现
5. Formal specification and analysis of security protocols. [D] . Adi, Kamel. 2002

机译：正式规范和安全协议分析。
6. Formal Specification and Validation of a Hybrid Connectivity Restoration Algorithm for Wireless Sensor and Actor Networks [O] . Muhammad Imran, Nazir Ahmad Zafar 2012

机译：无线传感器和Actor网络的混合连接性恢复算法的正式规范和验证
7. Generating Network Security Protocol Implementations from Formal Specifications [O] . 2008

机译：从正式规范中生成网络安全协议实现
8. Specification of a Transport Protocol for Computer Communications. Volume 7. Testing OSI Protocols - A Compendium of Papers. Volume 8. User's Guide to the Testing System for Implementations of the ICST Transport Protocol. Volume 9. A Test Suite for Implementations of the ICST Transport Protocol. Volume 10. Specification of a Remote Scenario Interpreter for Implementations of the ICST Transport Protocol [R] . 1984

机译：计算机通信传输协议的规范。第7卷。测试OsI协议 - 论文汇编。第8卷.ICsT传输协议实施测试系统用户指南。第9卷。实施ICsT传输协议的测试套件。第10卷。用于实施ICsT传输协议的远程场景解释器的规范

GENERATING NETWORK SECURITY PROTOCOL IMPLEMENTATIONS FROM FORMAL SPECIFICATIONS

摘要

著录项

相似文献

相关主题

期刊订阅