Secrecy for mobile implementations of security protocols
KTH, Superseded Departments, Microelectronics and Information Technology, IMIT.
2001 (English). Licentiate thesis, monograph (Other scientific)
Abstract [en]

Mobile code technology offers interesting possibilities to the practitioner, but also raises strong concerns about security. One aspect of security is secrecy, the preservation of confidential information. This thesis investigates the modelling, specification and verification of secrecy in mobile applications which access and transmit confidential information through a possibly compromised medium (e.g. the Internet). These applications can be expected to communicate secret information using a security protocol, a mechanism to guarantee that the transmitted data does not reach unauthorized entities.

The central idea is therefore to relate the secrecy properties of the application to those of the protocol it implements, through the definition of a "confidential protocol implementation" relation. The argument takes an indirect form, showing that a confidential implementation transmits secret data only in the ways indicated by the protocol. We define the implementation relation using labelled transition semantics, bisimulations and relabelling functions. To justify its technical definition, we relate this property to a notion of noninterference for nondeterministic systems derived from Cohen's definition of Selective Independency. We also provide simple and local conditions that greatly simplify its verification, and report on our experiments on an architecture showing how the proposed formulations could be used in practice to enforce secrecy of mobile code.

Place, publisher, year, edition, pages
Kista: Mikroelektronik och informationsteknik, 2001. viii, 121 p.
Trita-IT. AVH, 01:05
URN: urn:nbn:se:kth:diva-1341
OAI: diva2:7178
NR 20140805
Available from: 2001-12-12 Created: 2001-12-12 Bibliographically approved
