Security protocols are often specified at the application layer; however, application layer specifications give little detail regarding message data structures at the presentation layer upon which some implementation-dependent attacks rely. In this paper we present an approach to verifying security protocols in which both the application and presentation layers are modelled. Using the Group Domain of Interpretation protocol as an example, our application layer specification of the protocol is used as input to the AVISPA model checking tool for analysis. Two type flaw attacks are found via model checking which are then verified against the corresponding presentation layer specification, thus identifying the minimal requirements to prevent the attacks.
Benjamin W. Long, Colin J. Fidge, David A. Carring
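The abstract's central idea is that an attack found at the application layer (here, a type flaw, where a field of one type is accepted where another type is expected) is only realisable if the presentation layer's encoding cannot tell the two types apart. The following toy is an added illustration of that cross-layer check and is not code from the paper or from the AVISPA tool; the field catalogue, the TLV tags and the byte widths are constructed assumptions. It encodes a message with one set of field types, parses it as if it carried another set, and reports whether the receiver would accept it, once for a position-based encoding with no type information and once for a tagged encoding.

```python
"""
Added, constructed example (not code from the paper): checks whether a
presentation-layer encoding lets one application-layer field type be
accepted where another is expected. Field names, tags and widths are
assumptions chosen for illustration.
"""
import os
import struct

# Constructed presentation-layer catalogue: type name -> (TLV tag, width in bytes).
# A nonce and a key are given the same width on purpose.
FIELD_TYPES = {
    "nonce": (0x01, 16),
    "key":   (0x02, 16),
    "id":    (0x03, 4),
}


def build(field_names, tagged):
    """Encode a message whose fields have the listed types, with random contents.
    Untagged: fixed-width fields are simply concatenated.
    Tagged: each field is prefixed with a one-byte tag and a two-byte length."""
    parts = []
    for name in field_names:
        tag, width = FIELD_TYPES[name]
        value = os.urandom(width)
        parts.append(struct.pack("!BH", tag, width) + value if tagged else value)
    return b"".join(parts)


def parse(msg, expected_names, tagged):
    """Parse msg as a message with the expected field types; raise on mismatch.
    Untagged: fields are cut by position and expected width only.
    Tagged: the tag and length of each field must match the expected type."""
    pos = 0
    for name in expected_names:
        tag_exp, width = FIELD_TYPES[name]
        if tagged:
            tag, length = struct.unpack("!BH", msg[pos:pos + 3])
            pos += 3
            if tag != tag_exp:
                raise TypeError(f"{name}: expected tag {tag_exp:#x}, got {tag:#x}")
            if length != width:
                raise ValueError(f"{name}: bad length {length}")
        else:
            length = width
        if pos + length > len(msg):
            raise ValueError(f"{name}: message too short")
        pos += length
    if pos != len(msg):
        raise ValueError("trailing bytes")
    return True


def type_flaw_possible(sent, expected, tagged):
    """True if a receiver expecting `expected` accepts a message built as `sent`.
    This is the presentation-layer side of the cross-layer check: an
    application-layer confusion matters only when this returns True."""
    try:
        return parse(build(sent, tagged), expected, tagged)
    except (TypeError, ValueError, struct.error):
        return False


if __name__ == "__main__":
    cases = [
        (["key"], ["nonce"]),            # same width, different type
        (["id"], ["nonce"]),             # different width
        (["nonce", "key"], ["key", "nonce"]),  # fields reordered
    ]
    for sent, expected in cases:
        for tagged in (False, True):
            print(f"{'tagged' if tagged else 'untagged':8} sent={sent} "
                  f"expected={expected} accepted={type_flaw_possible(sent, expected, tagged)}")
```

In the untagged encoding a key is accepted where a nonce is expected whenever the two widths coincide, and reordering two fields of equal total length is not detected at all, because position-based parsing keeps no record of where the application layer intended the boundaries to be. Under the tagged encoding the same substitutions are rejected by the tag comparison. In the paper's terms, distinct widths or explicit type tags are the kind of minimal presentation-layer requirement that rules out a confusion the application-layer model reports.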