This paper presents a new formalisation of authenticity and proof of authenticity. These security properties constitute essential requirements for secure electronic commerce and other types of binding telecooperation. Based on the notions of formal language theory, authenticity and proof of authenticity are defined relative to the agents' knowledge about the system. Abstraction by language homomorphisms satisfying particular properties preserves the respective security properties from a higher to a lower level of abstraction. Thus, the new formalisation is suitable for a top-down security engineering method. The approach is demonstrated by a typical e-commerce example, a price-offer transaction. We present specifications of this example on two different abstraction levels. On the lower of these abstraction levels, Asynchronous Product Automata (APA) are used to model cryptographic protocols, and properties of cryptographic algorithms are formally described by abstract secure channels.