Secrecy for Mobile Implementations of Security Protocols
Number of Authors: 1
2001 (English) Report (Refereed)
Abstract [en]

Mobile code technology offers interesting possibilities to the practitioner, but also raises strong concerns about security. One aspect of security is secrecy, the preservation of confidential information. This thesis investigates the modelling, specification and verification of secrecy in mobile applications which access and transmit confidential information through a possibly compromised medium (e.g. the Internet). These applications can be expected to communicate secret information using a security protocol, a mechanism to guarantee that the transmitted data does not reach unauthorized entities. The central idea is therefore to relate the secrecy properties of the application to those of the protocol it implements, through the definition of a "confidential protocol implementation" relation. The argument takes an indirect form, showing that a confidential implementation transmits secret data only in the ways indicated by the protocol. We define the implementation relation using labelled transition semantics, bisimulations and relabelling functions. To justify its technical definition, we relate this property to a notion of noninterference for nondeterministic systems derived from Cohen's definition of Selective Independency. We also provide simple and local conditions that greatly simplify its verification, and report on our experiments on an architecture showing how the proposed formulations could be used in practice to enforce secrecy of mobile code.

Place, publisher, year, edition, pages
Kista, Sweden: Swedish Institute of Computer Science, 2001, 1., 129 p.
Series
SICS Technical Report, ISSN 1100-3154 ; 2001:19
Keyword [en]
Information Flow, Cryptographic protocol, implementation relation
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:ri:diva-22119
OAI: oai:DiVA.org:ri-22119
DiVA: diva2:1041661
Available from: 2016-10-31 Created: 2016-10-31

Open Access in DiVA

File information
File name: FULLTEXT01.pdf
File size: 699 kB
Checksum (SHA-512): b449436109abb3b635eef0d39e05aab23287104782e7f77f16fecf4775b4fc349b4604ebef0d36f7d4aae613b1ba87518a15691079aae0b6f9c6a61bf78fb0e2
Type: fulltext
Mimetype: application/pdf
