Verifying smart card applications: an ASM approach

We present a formal model for security protocols of smart card applications using Abstract State Machines (ASMs) and a suitable method for verifying security properties of such protocols. The main part of this article describes the structure of the protocol-ASM and all its relevant parts. Integrated in the ASM are all relevant aspects of the scenario: the agents participating in the application (static and dynamic aspects), the attacker, and the possible communication between all those involved in the application. Our modeling technique enables an attacker model tailored exactly to the application under consideration, instead of only an attacker similar to the Dolev-Yao model. We also introduce a proof technique for security properties of the protocols. To prove properties, the ASM is represented as a Dynamic Logic (DL) program in the KIV system. Properties are proved using symbolic execution and invariants. Our formal approach is exemplified with a small e-commerce application: we use an electronic wallet to demonstrate the ASM-based protocol model, and we also show what the proof obligations for some of the security properties look like.

Metadata
Author: Dominik Haneberg, Holger Grandy, Wolfgang Reif, Gerhard Schellhorn
URN: urn:nbn:de:bvb:384-opus4-1194
Frontdoor URL: https://opus.bibliothek.uni-augsburg.de/opus4/168
Series (Serial Number): Reports / Technische Berichte der Fakultät für Angewandte Informatik der Universität Augsburg (2006-08)
Type: Report
Language: English
Year of first publication: 2006
Publishing institution: Universität Augsburg
Release date: 2006/06/06
GND keywords: Chipkarte (smart card); Sicherheitsprotokoll (security protocol)
Institutes: Fakultät für Angewandte Informatik
Fakultät für Angewandte Informatik / Institut für Informatik
Fakultät für Angewandte Informatik / Institut für Software & Systems Engineering
Fakultät für Angewandte Informatik / Institut für Informatik / Lehrstuhl für Softwaretechnik
Dewey Decimal Classification: 0 Computer science, information and general works / 00 Computer science, knowledge, systems / 004 Data processing; computer science