ENDL: A logical framework for verifying secure transaction protocols

Knowledge and Information Systems

Volumn 7, Issue 1, 2005, Pages 84-109

  Chen, Qingfeng ^a   Zhang, Chengqi ^a   Zhang, Shichao ^a  

^a UNIVERSITY OF TECHNOLOGY SYDNEY   (Australia)

Author keywords

Confidentiality; Electronic commerce; Integrity; Secure transaction protocol; Security; Verification

Indexed keywords

DATA PRIVACY; ELECTRONIC COMMERCE; VERIFICATION;

CONFIDENTIALITY; DATA INTEGRITY; DYNAMIC LOGIC; INTEGRITY; LOGICAL FRAMEWORKS; SECURE PROTOCOLS; SECURE TRANSACTION PROTOCOLS; SECURITY;

COMPUTER CIRCUITS;

EID: 20344364418     PISSN: 02191377     EISSN: 02193116     Source Type: Journal    
DOI: 10.1007/s10115-003-0127-4     Document Type: Article

References (32)

1. Abadi M, Tuttle M (1991) A semantics for a logic of authentication. In: Proceedings of the 10th ACM Symposium on Principles of Distributed Computing. ACM Press, pp 201-216
2. Bai S, Chen QF (2002) The verification logic for secure electronic protocols. J Software (China) 11(2):213-221
3. Bella G, Massacci F, Paulson L, Tramontano P (2000) Formal Verification of cardholder registration in SET. In: Proceedings of the 6th European Symposium on Research in Computer Security (ESORICS'00), Lecture Notes in Computer Science. Springer-Verlag, Berlin, pp 159-174
4. Birrell A (1985) Secure communications using remote procedure calls. ACM Trans Comput Syst 3(1):1-14
5. Brackin S (1996) A HOL extension of GNY for automatically analyzing cryptographic protocols. In: Proceeding of the Ninth IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, pp 62-76
6. Brackin S (1997) Automatic formal analyses of two large commercial protocols. In: Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols (paper available at http://dimacs. rutgers.edu/Workshops/Security/program2/brackin.html)
7. Burrows M, Abadi M, Needham R (1990) A logic for authentication. ACM Trans Comput Syst 8(1):18-36
8. Denning D, Sacco G (1981) Timestamp in key distribution protocols. Commun ACM 24(8):533-536
9. Dierks T, Allen C (1999) http://www.ietf.org/rfc/rfc2246.txt
10. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198-208
11. Foner LN (1996) A security architecture for multi-agent matchmaking. In: Proceedings of the Second International Conference on Multi-Agent Systems (ICMAS96). AAAI Press, Menlo Park, CA, pp 80-86
12. Forrester (1998) http://www.forrester.com/ER/research
13. Gong L (1991) Handling infeasible specifications of cryptographic protocols. In: Proceedings of Computer Security Foundations Workshop IV, Franconia, NH, pp 99-102
14. Gong L, Needham R, Yahalom R (1990) Reasoning about belief in cryptographic protocols. In: Proceeding of the Symposium on Security and Privacy, Oakland, CA, pp 234-248
15. Gong L, Syverson P (1995) Fail-stop protocols: An approach to designing secure protocols. In: 5th International Working Conference on Dependable Computing for Critical Applications, pp 44-55
16. Gong L (1992) A security risk of depending on synchronized clocks. ACM Oper Syst Rev 26(1):49-53
17. Gritzalis S (1999) Security protocols over open networks and distributed systems: Formal methods for their analysis, design, and verification. Comput Commun 22(8):695-707
18. Huberman B, Franklin M, Hogg T (1999) Enhancing privacy and trust in electronic communities. Proc ACM e-Commerce 99:78-86
19. ITU-T ITU-T X.509 (1998) The Directory - An Authentication Framework. ITU-T
20. Kailar R (1995) Reasoning about accountability in protocols for electronic commerce. In: Proceedings of the 1995 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, CA, pp 236-250
21. Kessler V, Wedel G (1994) AUTLOG - An advanced logic of authentication. In: Proceedings of the 7th IEEE Computer Security Foundations Workshop, Los Alamitors. IEEE Computer Society Press, Los Alamitos, CA, pp 90-99
22. Kohl J, Neuman C (1990) The Kerberos Network Authentication Service. Version 5 RFC, Drft No 4, Network Working Group, MIT Project Athena
23. Meadows C (1996) The NRL Protocol Analyzer: An overview. J Logic Program 26(2):113-131
24. Meadows C, Syverson P (1998) A formal specification of requirements for payment transactions in the SET protocol. In: Hirschfeld R (ed) Proceedings of Financial Cryptography 98. Lecture Notes in Computer Science 1465:122-140. Springer-Verlag, Berlin
25. Millen JC (1995) The Interrogator Model. In: Proceeding of the 1995 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, CA, pp 251-260
26. Needham R, Schroeder M (1978) Using encryption for authentication in large networks of computers. Commun ACM 21(12):993-999
27. Neuman B, Ts'o T (1994) Kerberos: An authentication service for computer networks. IEEE Commun 32(9):33-38
28. SET Secure Electronic Transaction Specification, Book 1: Business Description, Version 1.0
29. SET Secure Electronic Transaction Specification, Book 2: Programmer's Guide, Version 1.0.
30. SET Secure Electronic Transaction Specification, Book 3: Formal Protocol Definition, Version 1.0
31. Sherif MH (2000) Protocols for Secure Electronic Commerce. CRC Press, Boca Raton, FL
32. Syverson P (1994) A taxonomy of replay attacks. In: Proceedings of the 7th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos, CA, pp 131-136