ACM Transactions on Computer Systems (TOCS)
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Kerberos Version 4: Inductive Analysis of the Secrecy Goals
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
PROCOMET '98 Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods
Formal Verification of Privacy for RFID Systems
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Modeling identity-related properties and their privacy strength
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Formal methods for cryptographic protocol analysis: emerging issues and trends
IEEE Journal on Selected Areas in Communications
A formal approach for inspecting privacy and trust in advanced electronic services
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
POSTER: TRIPLEX: verifying data minimisation in communication systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Over the years, formal methods have been developed for the analysis of security and privacy aspects of communication in IT systems. However, existing methods are insufficient to deal with privacy, especially in identity management (IdM), as they fail to take into account whether personal information can be linked to its data subject. In this paper, we propose a general formal method to analyze privacy of communication protocols for IdM. To express privacy, we represent knowledge of personal information in a three-layer model. We show how to deduce knowledge from observed messages and how to verify a range of privacy properties. We validate the approach by applying it to an IdM case study.