正式测试电子钱包协议的故障安全

Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001) Pub Date : 2001-11-26 DOI:10.1109/ASE.2001.989840

J. Jürjens, Guido Wimmel

{"title":"正式测试电子钱包协议的故障安全","authors":"J. Jürjens, Guido Wimmel","doi":"10.1109/ASE.2001.989840","DOIUrl":null,"url":null,"abstract":"Designing and implementing security-critical systems correctly is difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems using the CASE tool AutoFocus. Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus system., We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. In particular we focus on the principle of fail-safety. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS). Most commonly, attacks address vulnerabilities in the way security mechanisms are used, rather than the mechanisms themselves. Being able to treat security aspects with a general CASE tool within the context of system development enables detection of such vulnerabilities.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"39","resultStr":"{\"title\":\"Formally testing fail-safety of electronic purse protocols\",\"authors\":\"J. Jürjens, Guido Wimmel\",\"doi\":\"10.1109/ASE.2001.989840\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Designing and implementing security-critical systems correctly is difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems using the CASE tool AutoFocus. Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus system., We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. In particular we focus on the principle of fail-safety. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS). Most commonly, attacks address vulnerabilities in the way security mechanisms are used, rather than the mechanisms themselves. Being able to treat security aspects with a general CASE tool within the context of system development enables detection of such vulnerabilities.\",\"PeriodicalId\":433615,\"journal\":{\"name\":\"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)\",\"volume\":\"49 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2001-11-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"39\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ASE.2001.989840\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASE.2001.989840","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 39

摘要

正确地设计和实现安全关键型系统是困难的。实际上，大多数漏洞都是由实现中的错误引起的。我们介绍了使用CASE工具AutoFocus对安全关键系统进行基于系统规范的测试的工作。加密系统是用状态转换图正式指定的，状态转换图是AutoFocus系统中状态机的符号。我们展示了如何基于可用于测试漏洞实现的模型系统地生成安全属性的测试序列。我们特别关注故障安全原理。我们在通用电子钱包规范(cceps)的一部分示例中解释了我们的方法。最常见的是，攻击通过使用安全机制的方式来解决漏洞，而不是机制本身。能够在系统开发的上下文中使用通用的CASE工具来处理安全方面，就能够检测到这样的漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Formally testing fail-safety of electronic purse protocols

Designing and implementing security-critical systems correctly is difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems using the CASE tool AutoFocus. Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus system., We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. In particular we focus on the principle of fail-safety. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS). Most commonly, attacks address vulnerabilities in the way security mechanisms are used, rather than the mechanisms themselves. Being able to treat security aspects with a general CASE tool within the context of system development enables detection of such vulnerabilities.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)

自引率

0.00%

发文量