Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Authenticity and provability - a formal framework

: Gürgens, S.; Ochsenschläger, P.; Rudolph, C.

Abstract (PDF; )

Davida, G.; Frankel, Y.; Rees, O.:
Infrastructure security : international conference, InfraSec 2002, Bristol, UK, October 1-3, 2002 ; proceedings
Berlin: Springer, 2002 (Lecture Notes in Computer Science 2437)
ISBN: 3-540-44309-6
ISSN: 0302-9743
International Conference on Infrastructure Security <2002, Bristol>
Conference Paper, Electronic Publication
Fraunhofer SIT ()

This paper presents a new formalisation of authenticity and proof of authenticity. These security properties constitute essential requirements for secure electronic commerce and other types of binding telecooperation. Based on the notions of formal language theory, authenticity and proof of authenticity are defined relative to the agents' knowledge about the system. Abstraction by language homomorphisms satisfying particular properties preserves the respective security properties from a higher to a lower level of abstraction. Thus, the new formalisation is suitable for a top-down security engineering method. The approach is demonstrated by a typical e-commerce example, a price-offer transaction. We present specifications of this example on two different abstraction levels. On the lower of these abstraction levels, Asynchronous Product Automata (APA) are used to model cryptographic protocols, and properties of cryptographic algorithms are formally described by abstract secure channels.