Title :
Synthesising End-to-End Security Protocols
Author :
Thevathayan, Charles ; Bertok, Peter ; Fernandez, George
Author_Institution :
RMIT, Melbourne, VIC, Australia
Abstract :
E-commerce transactions rely on end-to-end protocols to provide security guarantees when messages are sent through intermediaries. If autonomous entities with different security requirements are to collaborate, protocols providing end-to-end security must be synthesized at runtime. However, such an approach is predicated on finding security primitives and ways of expressing interdependencies between semantics and security. The proposed approach defines fine-grained security properties by combining basic properties and enforcing them in a predefined order. The use of standard security properties allows autonomous entities to reason about security requirements. Furthermore, the novel propagation rules defined allow end-to-end security properties to be derived from entity security requirements. By using proven schemes designed to enforce such requirements, this approach allows end-to-end security protocols similar to the SET purchase protocol to be created at runtime.
Keywords :
cryptographic protocols; electronic commerce; SET purchase protocol; e-commerce transactions; end-to-end security properties; end-to-end security protocol synthesis; entity security requirements; fine-grained security properties; propagation rules; security primitives; standard security properties; Authentication; Cryptography; Finite element analysis; Knowledge based systems; Logic gates; Protocols; End-to-end security; Security Protocols; Synthesis;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on
Conference_Location :
Beijing
DOI :
10.1109/TrustCom.2014.132
