Sciweavers

ACSC
2007
IEEE

Cross-Layer Verification of Type Flaw Attacks on Security Protocols

14 years 4 months ago
Cross-Layer Verification of Type Flaw Attacks on Security Protocols
Security protocols are often specified at the application layer; however, application layer specifications give little detail regarding message data structures at the presentation layer upon which some implementation-dependent attacks rely. In this paper we present an approach to verifying security protocols in which both the application and presentation layers are modelled. Using the Group Domain of Interpretation protocol as an example, our application layer specification of the protocol is used as input to the AVISPA model checking tool for analysis. Two type flaw attacks are found via model checking which are then verified against the corresponding presentation layer specification, thus identifying the minimal requirements to prevent the attacks.
Benjamin W. Long, Colin J. Fidge, David A. Carring
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2007
Where ACSC
Authors Benjamin W. Long, Colin J. Fidge, David A. Carrington
Comments (0)