Entity Authentication:Analysis using Structured Intuition

Dansk

DTU.dk

Index

Søgeord

Education

DTU Informatics bookshop

Research

Image Analysis & Computer Graphics

Language-Based Technology

Mathematical Statistics

Industrial collaboration

Industrial collaboration

Public sector consultancy

Advanced Technology Foundation Projects

Continuing education

Model-based Software Engineering Center

MT-Lab

PhD education

Software Development Center

Statistical Consulting Center

About DTU Informatics

About DTU Informatics

Contact

Employees

Facts about DTU Informatics

Getting to DTU Informatics

Alumni association (in Danish)

News

News

Latest news

News Archive at DTU Informatics

Calendar at DTU Informatics

	Research areas

	Algorithms and Logic

	Cognitive Systems

	Data Analysis

	Dynamical Systems

	Embedded Systems Engineering


	People
	Projects
	Publications
	Research
	Teaching

	Image Analysis & Computer Graphics

	Language-Based Technology

	Mathematical Statistics

	Scientific Computing

	Software Engineering

	Research centers

	Publications

Title:

Entity Authentication:Analysis using Structured Intuition

Type:

Conference abstract in proceedingsConference abstract in proceedings

Participant(s):

Author: Ahmed, Naveed (Cwisno: 53381)

Technical University of Denmark

Email:

Author: Jensen, Christian D. (Cwisno: 13409)

Technical University of Denmark

Email:

Abstract:

In this paper, we propose a new method for the analysis that uses intuition of the analyst in a structured way. First we define entity authentication in terms of fine level authentication goals (FLAGs). Then we use some relevant structures in protocol narrations and use them to justify FLAGs for the protocol. All along this process, we discover vulnerabilities and unstated assumptions of the protocol. As the method is intuition based, the quality of results depends on the expertise of the security analyst, however, the structured intuition has two major advantages: Firstly we get a precise specification of security in terms of FLAGs; and secondly the outcome can be used to transform basic protocol narrations into more detailed specifications, which makes a subsequent formal analysis much more meaningful.

Published:

part of: Technical Report on NODES10 Proceedings, 2010,

Presented at:

4th Nordic Workshop on Dependability and Security, Copenhagen

See the publication in DTU Orbit

Top

Matematiktorvet

DTU - Building 303B

DK-2800 Kgs. Lyngby

Tel +45 4525 3031

EAN 5798000428515