Understanding the security goals provided by cryptographic protocol implementations is known to be difficult, since security requirements such as secrecy, integrity and authenticity of data are notoriously hard to establish, especially in the context of cryptographic interactions. A lot of research has been devoted to developing formal techniques to analyze abstract specifications of cryptographic protocols. Less attention has been paid to the analysis of cryptoprotocol implementations, for which a formal link to specifications is often not available. In this paper, we apply an approach for determining the security goals provided by a C implementation to an industrial-strength biometric authentication system. Our approach is based on control flow graphs and automated theorem provers for first-order logic.