Title :
A Method for Describing Structure of System Security Based on Trust and Authentication
Author :
Maeda, Tsukasa ; Kurihara, Masahito
Author_Institution :
Grad. Sch. of Inf. Sci. & Technol., Hokkaido Univ., Sapporo, Japan
Abstract :
In this paper, we propose a method by which frontline engineers in system development fields can readily describe the structure of the security of systems. This method, based on the assumption of the use of standard encryption technologies and existing cryptographic protocols, reveals hidden security threats and vulnerabilities of systems. It extracts only security elements that constitute the trust relationship of system components, describing the relation between the elements, and analyzing the relation. This method provides a valuable assistance tool to build secure systems, because it works as an efficient communication paradigm between stakeholders of a system to help them in understanding the security of the system and confirming that their security requirements are fulfilled.
Keywords :
cryptography; message authentication; authentication; cryptographic protocol; encryption technology; security threat; system security; trust relationship; Authentication; Browsers; Communication channels; Cryptographic protocols; Cryptography; Servers; authentication; system description; system security;
Conference_Titel :
Computer and Information Science (ICIS), 2010 IEEE/ACIS 9th International Conference on
Conference_Location :
Yamagata
Print_ISBN :
978-1-4244-8198-9
DOI :
10.1109/ICIS.2010.69
