A NOVEL METHODOLOGY TO DESIGN SECURITY PROTOCOLS BASED ON A NEW SET OF DESIGN PRINCIPLES

Rosa Elena Di Costanzo, Luciano Chirinos

Abstract


This paper presents a novel design methodology, based on a new set of design principles, for developing security protocols for up to three participants step by step, guiding the designer at each step. It accompanies the designer through a succession of six abstraction levels proposed in this work: protocol objectives, protocol constraints, security mechanisms, message flow, protocol conformation and authentication tests. The proposed methodology is based on a new set of design principles extracted from different sources and combined using the systemic approach, which considers the designer's and client’s security and functional needs. The resulting model separates high-level tasks from implementation details, allowing the designer to specify the security requirements and functionality desired for each abstraction level. Consequently, the protocol design is linked with the best-fitting design principle. To corroborate the results of the methodology, the resulting protocol, expressed in the Alice and Bob notation at the fifth level, is tested using the “Strand Spaces” Model. The Needham-Schroeder protocol with symmetric keys was successfully used as a test. The security goals achieved were: authentication, confidentiality, integrity, and non-repudiation.


DOI: http://dx.doi.org/10.19044/esj.2014.v10n3p%25p


European Scientific Journal (ESJ)

 

ISSN: 1857 - 7881 (Print)
ISSN: 1857 - 7431 (Online)

 





Publisher: European Scientific Institute, ESI.