Model Checking Electronic CommerceSecurity Protocols Based on CTL 被引量：1

Model Checking Electronic CommerceSecurity Protocols Based on CTL

下载PDF

导出

摘要 We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, non-repudiation) denial of serviee and access control ofthe e-lectronic commerce protocols. We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover, we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user. And also, we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce. We present a model based on Computational Temporal Logic (CTL) methods forverifying security requirements of electronic commerce, protocols. The model describes formally theauthentication, confidentiality integrity, non-repudiation) denial of serviee and access control ofthe e-lectronic commerce protocols. We illustrate as case study a variant of the Lu-Smolka protocolproposed by Lu-Smolka Moreover, we have discovered two attacks that allow a dishonest user topurchase a good debiting the amountto another user. And also, we compared our work with relativeresearch works and found lhat the formal way of this paper is more general to specify securityprotocols for E-Commerce.

作者 XIAODe-qin ZHANGHuan-guo

机构地区 Collegeoflnformation StaleKeyLaboratoryofSoftwareEngeering

出处《Wuhan University Journal of Natural Sciences》 EI CAS 2005年第1期333-337,共5页 武汉大学学报（自然科学英文版）

基金 Supported by the Natural Science Foundation ofthe Department of Education of Guangdong Province (Z03001)

关键词 E-commercc security protocols formal methods computational temporal logic E-commercc security protocols formal methods computational temporal logic

分类号 TP309 [自动化与计算机技术—计算机系统结构] F713.36 [经济管理—产业经济]

引文网络
相关文献

参考文献2

1肖德琴,周权,张焕国,刘才兴.基于时序逻辑的加密协议分析[J].计算机学报,2002,25(10):1083-1089. 被引量：15
2肖德琴,林丕源,周权,张焕国.应用时序逻辑分析密钥分配协议[J].小型微型计算机系统,2002,23(11):1340-1343. 被引量：1

二级参考文献3

1肖德琴张焕国.基于时序逻辑的加密协议验证模型.密码学进展－ChinaCrypt’98[M].北京:科学出版社,1998.117-122.
2曾小平,孙永强.用Spi演算描述和验证密码学安全协议[J].计算机工程,1999,25(2):51-53. 被引量：3
3周典萃,卿斯汉,周展飞.Kailar逻辑的缺陷[J].软件学报,1999,10(12):1238-1245. 被引量：29

共引文献14

1张广胜,吴哲辉,逄玉叶.基于时间Petri网的密码协议分析[J].系统仿真学报,2003,15(z1):11-16. 被引量：6
2沈丁,叶长国,胡勇.通过硬件强化程序反跟踪加密的方法[J].山东农业大学学报（自然科学版）,2004,35(3):458-461. 被引量：1
3张广泉,黄正宝,戎玫.网络协议形式化模型的分析与应用[J].计算机工程与应用,2005,41(23):121-124. 被引量：1
4文静华,张梅,李祥.一种新的密码协议分析方法及其应用[J].计算机应用,2006,26(5):1087-1089.
5肖德琴,冯健昭,杨波,张焕国.基于无线传感器网络的信誉形式化模型[J].计算机科学,2007,34(6):84-87. 被引量：11
6李新中,周小燕.基于BAN逻辑分析Otway-Rees协议安全性[J].微计算机信息,2007(18):71-72. 被引量：1
7林松,李舟军.基于Petri网的双重数字签名的描述与验证[J].系统仿真学报,2008,20(9):2498-2501. 被引量：10
8黄佳.基于行为时序逻辑的安全协议研究[J].信息通信,2012,25(4):22-23. 被引量：1
9陈兰.H.530协议形式化分析与模型检测[J].教育教学论坛,2013(17):281-282.
10薛晨,任大勇.基于时延Petri网的双重数字签名技术研究[J].计算机与数字工程,2013,41(9):1485-1488. 被引量：2

同被引文献9

1Sencun Z,Sanjeev S,Sushil J.LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks. http://www.cse.psu.edu/～szhu/papers/ leap.pdf . 2006
2Blaze M,Feigenbaum J,Lacy J.Decentralized Trust Man-agement[].Proc of the th Symp on Security and Privacy.1996
3Blaze M,Feigenbaum J,Ioannidis J, et al.RFC2704—The KeyNote Trust Management System Version 2. http://www.ietf.org/rfc/rfc2704.txt . 2006
4Ninghui L,John C M,William H W.Design of a Role-Based Trust Management Framework. http: //crypto.stanford.edu/～ninghui/papers/rt_oakland02.pdf . 2006
5Sonja B,Jean-Yves L B.Coping with False Accusations in Misbehavior Reputation Systems for Mobile Ad-hoc Networks. http://citeseer.ist.psu.edu/584132.html . 2004
6Sonja B,Jean-Yves L B.A Robust Reputation System for P2P and Mobile Ad-hoc Networks. http://www.cs.cornell.edu/People/egs/cs615-spring07/rep-p2 pecon.pdf . 2004
7Dellarocas C.Mechanisms for Coping with Unfair Ratings and Discriminatory Behavior in Online Reputation Reporting Systems. http://acm.lib.tsinghua. edu.cn . 2006
8Audun J,Roslan I.The Beta Reputation System[]..2005
9Paul R,Richard Z.Trust among Strangers in Internet Transac-tions: Empirical Analysis of eBay’s Reputation System. http://www.si.umich.edu/～presnick/papers/ebay NBER/RZNBERBodegaBay.pdf . 2006

引证文献1

1XIAO Deqin,FENG Jianzhao,ZHANG Huanguo.A Formal Reputation System for Trusting Wireless Sensor Network[J].Wuhan University Journal of Natural Sciences,2008,13(2):173-179. 被引量：1

二级引证文献1

1刘涛,关亚文,熊焰,黄文超,陆琦玮.无人值守WSN中一种具有激励机制的信任管理模型[J].武汉大学学报（理学版）,2013,59(6):578-582.

1郭建,金乃咏.模型检验中对CTL公式的空属性探测[J].西安电子科技大学学报,2007,34(5):794-799. 被引量：1
2古俐明.Lotus Domino/Notes中数字签名技术的分析与改进[J].广东技术师范学院学报,2007,28(7):18-20.
3陈冬火,王林章,崔家林.Model Checking over Paraconsistent Temporal Logic[J].Journal of Donghua University(English Edition),2008,25(5):571-580.
4LUO JunZhou YANG Ming.Analysis of security protocols based on challenge-response[J].Science in China(Series F),2007,50(2):137-153. 被引量：1
5FENG DengGuo CHEN WeiDong.Modular approach to the design and analysis of password-based security protocols[J].Science in China(Series F),2007,50(3):381-398. 被引量：4
6Anh Tuan LUU,Jun SUN,Yang LIU,Jin Song DONG,Xiaohong LI,Thanh Tho QUAN.SeVe： automatic tool for verification of security protocols[J].Frontiers of Computer Science,2012,6(1):57-75.
7朱玉娜,韩继红,袁霖,陈韩托,范钰丹.SPFPA:一种面向未知安全协议的格式解析方法[J].计算机研究与发展,2015,52(10):2200-2211. 被引量：15
8李梦君,李舟军,陈火旺.基于进程代数的安全协议分析与验证[J].计算机科学,2003,30(6):23-26.
9文静华,张梅,李祥.一种新的密码协议分析方法及其应用[J].计算机应用,2006,26(5):1087-1089.
10宋震,张艳,李舟军,陈火旺.安全协议的形式化描述和分析[J].计算机科学,2003,30(8):24-27. 被引量：2

Wuhan University Journal of Natural Sciences

2005年第1期

浏览历史

内容加载中请稍等...