Synthesising End-to-End Security Protocols

Author

Thevathayan, Charles ; Bertok, Peter ; Fernandez, George

Author_Institution

RMIT, Melbourne, VIC, Australia

fYear

2014

fDate

24-26 Sept. 2014

Firstpage

440

Lastpage

447

Abstract

E-commerce transactions rely on end-to-end protocols to provide security guarantees when messages are sent through intermediaries. If autonomous entities with different security requirements are to collaborate, protocols providing end-to-end security must be synthesized at runtime. However, such an approach is predicated on finding security primitives and ways of expressing interdependencies between semantics and security. The proposed approach defines fine-grained security properties by combining basic properties and enforcing them in a predefined order. The use of standard security properties allows autonomous entities to reason about security requirements. Furthermore, the novel propagation rules defined allow end-to-end security properties to be derived from entity security requirements. By using proven schemes designed to enforce such requirements, this approach allows end-to-end security protocols similar to the SET purchase protocol to be created at runtime.

Keywords

cryptographic protocols; electronic commerce; SET purchase protocol; e-commerce transactions; end-to-end security properties; end-to-end security protocol synthesis; entity security requirements; fine-grained security properties; propagation rules; security primitives; standard security properties; Authentication; Cryptography; Finite element analysis; Knowledge based systems; Logic gates; Protocols; End-to-end security; Security Protocols; Synthesis;

fLanguage

English

Publisher

ieee

Conference_Titel

Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on

Conference_Location

Beijing

Type

conf

DOI

10.1109/TrustCom.2014.132

Filename

7011280