On the secure implementation of security protocols
KTH, Superseded Departments, Computer and Systems Sciences, DSV. ORCID iD: 0000-0001-5432-6442
2004 (English) In: Science of Computer Programming, ISSN 0167-6423, E-ISSN 1872-7964, Vol. 50, no 3-Jan, 73-99 p. Article in journal (Refereed) Published
Abstract [en]

We consider the problem of implementing a security protocol in such a manner that secrecy of sensitive data is not jeopardized. Implementation is assumed to take place in the context of an API that provides standard cryptography and communication services. Given a dependency specification, stating how API methods can produce and consume secret information, we propose an information flow property based on the idea of invariance under perturbation, relating observable changes in output to corresponding changes in input. Besides the information flow condition itself, the main contributions of the paper are results relating the admissibility property to a direct flow property in the special case of programs which branch on secrets only in cases permitted by the dependency rules. These results are used to derive an unwinding theorem, reducing a behavioural correctness check (strong bisimulation) to an invariant.

Place, publisher, year, edition, pages
2004. Vol. 50, no 3-Jan, 73-99 p.
Keyword [en]
semantics-based security, confidentiality, information flow, protocol implementation, admissibility, security policy, information-flow, language
Identifiers
URN: urn:nbn:se:kth:diva-23264
ISI: 000220271100005
OAI: oai:DiVA.org:kth-23264
DiVA: diva2:341962
Note
QC 20100525
Available from: 2010-08-10 Created: 2010-08-10 Last updated: 2017-12-12 Bibliographically approved

Dam, Mads