A Standardized Method of Security Protocol Design
Abstract: We propose a standardized method for designing security protocols by composition. We define the basic elements (called "base cases" in the original English abstract) and the components of a protocol, analyze the security attributes of the components, and design, on top of those components, single-step protocols each of which achieves a specific security goal. We then define composition rules under which distinct single-step protocols can be combined into a compound protocol while each single-step protocol continues to achieve its own security goal. A protocol that meets a given set of requirements can thus be obtained by selecting suitable single-step protocols for the application at hand and combining them according to the rules. In other words, the composition framework lets the specification of a complex protocol be decomposed into the specifications of simpler, component-based single-step protocols, which makes both the design and the verification of the protocol easier to handle.
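The abstract does not spell out the paper's components or composition rules, so the following is an added illustration of the idea, not the authors' definitions or code. It assumes a toy component set (identity, nonce, MAC), a single-step protocol A -> B : A, N_A, MAC_k(tag || A || N_A) whose goals are authenticity of A and freshness of N_A, and an assumed composition rule borrowed from standard protocol-independence practice: every step uses its own key and its own context tag. The names SingleStep, independent, run_composite and cross_step_replay are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


# Hypothetical message built from three components: identity, nonce, MAC.
@dataclass(frozen=True)
class Message:
    step: str      # name of the single-step protocol that produced it
    sender: bytes  # identity component
    nonce: bytes   # freshness component
    mac: bytes     # authenticity component over tag || sender || nonce


class SingleStep:
    """One single-step protocol: A -> B : A, N_A, MAC_k(tag || A || N_A).

    Goals checked by the receiver: authenticity (MAC under this step's key)
    and freshness (the nonce has not been accepted by this step before).
    Illustrative model only; not the paper's definition of a single-step protocol.
    """

    def __init__(self, name: str, key: bytes, tag: bytes):
        self.name, self.key, self.tag = name, key, tag
        self.seen: set = set()  # nonces already accepted (receiver state)

    def _mac(self, sender: bytes, nonce: bytes) -> bytes:
        return hmac.new(self.key, self.tag + sender + nonce, hashlib.sha256).digest()

    def send(self, sender: bytes, nonce: bytes = b"") -> Message:
        nonce = nonce or secrets.token_bytes(16)
        return Message(self.name, sender, nonce, self._mac(sender, nonce))

    def accept(self, m: Message) -> bool:
        # Authenticity goal: MAC must verify under this step's own key and tag.
        if not hmac.compare_digest(self._mac(m.sender, m.nonce), m.mac):
            return False
        # Freshness goal: a nonce seen before is a replay.
        if m.nonce in self.seen:
            return False
        self.seen.add(m.nonce)
        return True


def independent(steps) -> bool:
    """Assumed composition rule: pairwise distinct keys and distinct tags,
    so a message built for one step can never verify in another step."""
    keys = [s.key for s in steps]
    tags = [s.tag for s in steps]
    return len(set(keys)) == len(keys) and len(set(tags)) == len(tags)


def run_composite(steps, sender: bytes = b"A") -> bool:
    """Compose the steps in sequence and let each receiver check its own goals.
    Returns True only if every single-step goal still holds in the composite."""
    if not independent(steps):
        raise ValueError("composition rule violated: shared key or tag")
    trace = [s.send(sender) for s in steps]
    return all(s.accept(m) for s, m in zip(steps, trace))


def cross_step_replay(step_from: SingleStep, step_to: SingleStep,
                      sender: bytes = b"A") -> bool:
    """Adversary replays a message of one step into another step.
    True means the receiver accepted it, i.e. composition broke a goal."""
    return step_to.accept(step_from.send(sender))


if __name__ == "__main__":
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
    s1, s2 = SingleStep("auth", k1, b"step1"), SingleStep("confirm", k2, b"step2")
    print("composite keeps both goals:", run_composite([s1, s2]))
    print("cross-step replay accepted:", cross_step_replay(s1, s2))
    bad1, bad2 = SingleStep("x", k1, b"same"), SingleStep("y", k1, b"same")
    print("rule violated, replay accepted:", cross_step_replay(bad1, bad2))
```

The point of the negative case is that two single-step protocols that are each secure in isolation stop being so when composed with a shared key and tag: a message meant for one is accepted by the other. The composition rule (key and tag separation) is exactly what keeps each step's goals intact in the compound protocol, which is the property the abstract asks of its rules.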