NU author(s): Dr Nick Cook, Dr Paul Robinson, Emeritus Professor Santosh Shrivastava
The correct implementation of security protocols is a challenging task. To achieve a high degree of confidence in an implementation, as with any software, ideally one requires both: (i) a formal specification that has been subjected to verification, and (ii) tool support to generate an implementation from the verified specification. The formal specification and verification of security protocols has attracted considerable attention, with corresponding advances. However, the state of the art in the generation of implementations has not progressed beyond relatively simple protocols. This paper presents a case study on the implementation of a deterministically fair non-repudiation protocol. Such protocols are among the most complex of security protocols. Sub-protocols are typically required to guarantee timely termination. A trusted third party must be involved to guarantee fairness. Finally, to satisfy requirements such as non-repudiable audit, significant infrastructure support is needed. The case study demonstrates an improved approach to protocol implementation. Starting with a formal specification, a rigorous process with considerable tool support leads to the deployment of a protocol implementation in a flexible Web services-based execution framework. The paper concludes with an evaluation of the approach.
Author(s): Cook N, Robinson P, Shrivastava S
Editor(s): Oria, V., Elmagarmid, A., Lochovsky, F. et al.
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: Second International Workshop on Services Engineering (SEIW 2007). In conjunction with the IEEE 23rd International Conference on Data Engineering (ICDE'07)
Year of Conference: 2007