Title :
Model checking the secure electronic transaction (SET) protocol
Author :
Lu, Shiyong ; Smolka, Scott A.
Author_Institution :
Dept. of Comput. Sci., State Univ. of New York, Stony Brook, NY, USA
Abstract :
We use model checking to establish five essential correctness properties of the secure electronic transaction (SET) protocol. SET has been developed jointly by Visa and MasterCard as a method to secure payment card transactions over open networks, and industrial interest in the protocol is high. Our main contributions are to firstly create a formal model of the protocol capturing the purchase request, payment authorization, and payment capture transactions. Together these transactions constitute the kernel of the protocol. We then encoded our model and the aforementioned correctness properties in the input language of the FDR model checker. Running FDR on this input established that our model of the SET protocol satisfies all five properties even though the cardholder and merchant, two of the participants in the protocol, may try to behave dishonestly in certain ways. To our knowledge, this is the first attempt to formalize the SET protocol for the purpose of model checking
Keywords :
electronic commerce; protocols; telecommunication security; FDR model checker; MasterCard; SET protocol; Visa; correctness properties; formal model; input language; model checking; open networks; payment authorization; payment capture transactions; purchase request; secure electronic transaction protocol; secure payment card transactions; Authentication; Authorization; Business; Computer science; Electronic commerce; Electronic design automation and methodology; Internet; Protocols; Security;
Conference_Titel :
Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 1999. Proceedings. 7th International Symposium on
Conference_Location :
College Park, MD
Print_ISBN :
0-7695-0381-0
DOI :
10.1109/MASCOT.1999.805074
