Stéphane Lafrance, John Mullins
Article (2003)
|
Open Access to the full text of this document Published Version Terms of Use: All rights reserved Download (321kB) |
Show abstract
Hide abstract
Abstract
Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The first contribution of this paper is to introduce a new security property called impassivity designed to capture the ability of a protocol to achieve these goals in the framework of a generic value-passing process algebra called Security Process Algebra ( SPPA) extended with local function calls, cryptographic primitives and special semantic features in order to handle cryptographic protocols. Impassivity is defined as an information flow property founded on bisimulation-based non-deterministic admissible interference. A sound and complete proof method for impassivity is provided. The method extends previous results of the authors on bisimulation-based non-deterministic admissible interference and its application to the analysis of cryptographic protocols. It is illustrated by its application to the TCP/IP protocol.
Uncontrolled Keywords
Denial of service; Protocols; Admissible interference; Bisimulation; Equivalence-checking
Subjects: |
2700 Information technology > 2700 Information technology 2700 Information technology > 2706 Software engineering 2700 Information technology > 2713 Algorithms |
---|---|
Department: | Department of Computer Engineering and Software Engineering |
PolyPublie URL: | https://publications.polymtl.ca/3381/ |
Journal Title: | Journal of Universal Computer Science (vol. 9, no. 11) |
Publisher: | J.UCS Consortium |
DOI: | 10.3217/jucs-009-11-1350 |
Official URL: | https://doi.org/10.3217/jucs-009-11-1350 |
Date Deposited: | 17 Jan 2019 15:18 |
Last Modified: | 11 Nov 2022 13:49 |
Cite in APA 7: | Lafrance, S., & Mullins, J. (2003). An information flow method to detect denial of service vulnerabilities. Journal of Universal Computer Science, 9(11), 1350-1369. https://doi.org/10.3217/jucs-009-11-1350 |
---|---|
Statistics
Total downloads
Downloads per month in the last year
Origin of downloads
Dimensions