Intruder deducibility constraints with negation. Decidability and application to secured service compositions. (May 2017)
- Record Type:
- Journal Article
- Title:
- Intruder deducibility constraints with negation. Decidability and application to secured service compositions. (May 2017)
- Main Title:
- Intruder deducibility constraints with negation. Decidability and application to secured service compositions
- Authors:
- Avanesov, Tigran
Chevalier, Yannick
Rusinowitch, Michael
Turuani, Mathieu - Abstract:
- Abstract: We consider a problem of automated orchestration of security-aware services under additional constraints. The problem of finding a mediator to compose secured services has been reduced in previous works to the problem of solving deducibility constraints similar to those employed for cryptographic protocol analysis. We extend in this paper the mediator synthesis procedure (i.e. a solution for the orchestration problem) by allowing additional non-disclosure policies that express the fact that some data is not accessible to the mediator at a given point of its execution. We present a decision procedure that answers the question whether a mediator satisfying these policies can be effectively synthesized. The approach presented in this work extends the constraint solving procedure for cryptographic protocol analysis in a significant way as to be able to handle negation of deducibility constraints. It applies to all subterm convergent theories and therefore covers several interesting theories in formal security analysis including encryption, hashing, signature and pairing; it is also expressive enough for some RBAC policies. A variant of this procedure for Dolev Yao theory has been implemented in Cl-Atse, a protocol analysis tool based on constraint solving.
- Is Part Of:
- Journal of symbolic computation. Volume 80:Part 1(2017)
- Journal:
- Journal of symbolic computation
- Issue:
- Volume 80:Part 1(2017)
- Issue Display:
- Volume 80, Issue 1, Part 1 (2017)
- Year:
- 2017
- Volume:
- 80
- Issue:
- 1
- Part:
- 1
- Issue Sort Value:
- 2017-0080-0001-0001
- Page Start:
- 4
- Page End:
- 26
- Publication Date:
- 2017-05
- Subjects:
- Web services -- Orchestration -- Security policy -- Separation of duty -- Deducibility constraints -- Cryptographic protocols -- Formal methods -- Automated verification -- Synthesis
Mathematics -- Data processing -- Periodicals
Numerical analysis -- Data processing -- Periodicals
Automatic programming (Computer science) -- Periodicals
Mathématiques -- Informatique -- Périodiques
Analyse numérique -- Informatique -- Périodiques
Programmation automatique -- Périodiques
Automatic programming (Computer science)
Mathematics -- Data processing
Numerical analysis -- Data processing
Periodicals
Electronic journals
510.285 - Journal URLs:
- http://www.sciencedirect.com/science/journal/07477171 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.jsc.2016.07.008 ↗
- Languages:
- English
- ISSNs:
- 0747-7171
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 5067.900000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 7434.xml