Embedding agents within the intruder to detect parallel attacks.

Saved in:
Bibliographic Details
Title: Embedding agents within the intruder to detect parallel attacks.
Authors: Broadfoot, P. J.1 Philippa.Broadfoot@comlab.ox.ac.uk, Roscoe, A. W.1 Bill.Roscoe@comlab.ox.ac.uk
Source: Journal of Computer Security. 2004, Vol. 12 Issue 3/4, p379-408. 30p. 6 Charts.
Subjects: CSP (Computer program language), Computer security, Computer network protocols, Computer networks, Computer science
Abstract: We carry forward the work described in our previous papers [5,18,20] on the application of data independence to the model checking of security protocols using CSP [19] and FDR [10]. In particular, we showed how techniques based on data independence [12,19] could be used to justify, by means of a finite FDR check, systems where agents can perform an unbounded number of protocol runs. Whilst this allows for a more complete analysis, there was one significant incompleteness in the results we obtained: while each individual identity could perform an unlimited number of protocol runs sequentially, the degree of parallelism remained bounded (and small to avoid state space explosion). In this paper, we report significant progress towards the solution of this problem, by means anticipated in [5], namely by “internalising” protocol roles within the “intruder” process. The internalisation of protocol roles (initially only server‐type roles) was introduced in [20] as a state‐space reduction technique (for which it is usually spectacularly successful). It was quickly noticed that this had the beneficial side‐effect of making the internalised server arbitrarily parallel, at least in cases where it did not generate any new values of data independent type. We now consider the case where internal roles do introduce fresh values and address the issue of capturing their state of mind (for the purposes of analysis). [ABSTRACT FROM AUTHOR]
Copyright of Journal of Computer Security is the property of Sage Publications Inc. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Be the first to leave a comment!
You must be logged in first