ASLan++ -- a formal security specification language for distributed systems

Authors:
David von Oheimb;Sebastian Mödersheim
Affiliations:
Siemens Corporate Technology, IT Security, Munich, Germany;DTU Informatics, Technical University of Denmark, Lyngby, Denmark
Venue:
FMCO'10 Proceedings of the 9th international conference on Formal Methods for Components and Objects
Year:
2010

Citing 10
Cited 4

A logic of authentication

ACM Transactions on Computer Systems (TOCS)
KLAIM: A Kernel Language for Agents Interaction and Mobility

IEEE Transactions on Software Engineering
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
DKAL: Distributed-Knowledge Authorization Language

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols

CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
The Open-Source Fixed-Point Model Checker for Symbolic Analysis of Security Protocols

Foundations of Security Analysis and Design V
Protocol Composition for Arbitrary Primitives

CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Abstraction by set-membership: verifying security protocols and web services with databases

Proceedings of the 17th ACM conference on Computer and communications security
The AVISPA tool for the automated validation of internet security protocols and applications

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification

The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures

TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
HiPoLDS: a security policy language for distributed systems

WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
HiPoLDS: A Hierarchical Security Policy Language for Distributed Systems

Information Security Tech. Report
Modeling test cases for security protocols with SecureMDD

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper introduces ASLan++, the AVANTSSAR Specification Language. ASLan++ has been designed for formally specifying dynamically composed security-sensitive web services and service-oriented architectures, their associated security policies, as well as their security properties, at both communication and application level. We introduce the main concepts of ASLan++ at a small but very instructive running example, abstracted form a company intranet scenario, that features non-linear and inter-dependent workflows, communication security at different abstraction levels including an explicit credentials-based authentication mechanism, dynamic access control policies, and the related security goals. This demonstrates the flexibility and expressiveness of the language, and that the resulting models are logically adequate, while on the other hand they are clear to read and feasible to construct for system designers who are not experts in formal methods.