PORTO @ Archivio Istituzionale della Ricerca

In formal methods, security protocols are usually modeled with a high level of abstraction. In particular, marshalling/unmarshalling operations on transmitted messages are generally abstracted away. However, in real applications, errors in this protocol component could be exploited to break protocol security. In order to solve this issue, this paper formally shows that, under some constraints checkable on sequential code, if an abstract protocol model is secure, then a refined model, which takes into account a wide class of possible implementations of the marshalling/unmarshalling operations, is implied to be secure too. The paper also indicates possible exploitations of this result.

Soundness Conditions for Message Encoding Abstractions in Formal Security Protocol Models / Pironti, Alfredo; Sisto, Riccardo. - STAMPA. - (2008), pp. 72-79. (Intervento presentato al convegno International Conference on Availability, Reliability and Security (ARES 08) tenutosi a Barcelona, Spain nel 4-7 March 2008) [10.1109/ARES.2008.30].

Soundness Conditions for Message Encoding Abstractions in Formal Security Protocol Models

PIRONTI, ALFREDO;SISTO, Riccardo
2008

Abstract

In formal methods, security protocols are usually modeled with a high level of abstraction. In particular, marshalling/unmarshalling operations on transmitted messages are generally abstracted away. However, in real applications, errors in this protocol component could be exploited to break protocol security. In order to solve this issue, this paper formally shows that, under some constraints checkable on sequential code, if an abstract protocol model is secure, then a refined model, which takes into account a wide class of possible implementations of the marshalling/unmarshalling operations, is implied to be secure too. The paper also indicates possible exploitations of this result.
2008
9780769531021
4.1 Contributo in Atti di convegno
File in questo prodotto:
File Dimensione Formato  
Soundness_Conditions_for_Message_Encoding_Abstractions_in_Formal_Security_Protocol_Models.pdf

non disponibili

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 415.72 kB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
415.72 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/1659071