Title :
Formal specification and verification of control software for cryptographic equipment
Author :
Kuhn, D. Richard ; Dray, James F.
Author_Institution :
Nat. Comput. Syst. Lab., Nat. Inst. of Stand. & Technol., Gaithersburg, MD, USA
Abstract :
A description is given of the application of formal specification and verification methods to two microprocessor-based cryptographic devices: a `smart token´ system that controls access to a network of workstations, and a message authentication device implementing the ANSI X9.9 message authentication standard. Formal specification and verification were found to be practical, cost-effective tools for detecting potential security weaknesses, and helped to significantly strengthen the security of the access control system
Keywords :
access control; computer networks; computerised control; control system analysis computing; cryptography; formal specification; microcomputer applications; program verification; smart cards; standards; ANSI; X9.9 standard; access control system; control software; formal specification; message authentication device; message authentication standard; microprocessor-based cryptographic devices; potential security weaknesses; smart token; verification methods; workstations; Access control; Computer networks; Control systems; Cryptography; Formal specifications; Message authentication; NIST; Security; Smart cards; Workstations;
Conference_Titel :
Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2105-2
DOI :
10.1109/CSAC.1990.143748
