Modeling and Verification of Privacy Enhancing Protocols
Suriadi, Suriadi, Ouyang, Chun, Smith, Jason, & Foo, Ernest (2009) Modeling and Verification of Privacy Enhancing Protocols. In Breitman, Karin & Cavalcanti, Ana (Eds.) Modeling and Verification of Privacy Enhancing Protocols, Springer Berlin / Heidelberg, Rio de Janeiro, Brazil, pp. 127-146.
|Published Version (PDF 1MB) |
Administrators only | Request a copy from author
Privacy enhancing protocols (PEPs) are a family of protocols that allow secure exchange and management of sensitive user information. They are important in preserving users’ privacy in today’s open environment. Proof of the correctness of PEPs is necessary before they can be deployed. However, the traditional provable security approach, though well established for verifying cryptographic primitives, is not applicable to PEPs. We apply the formal method of Coloured Petri Nets (CPNs) to construct an executable specification of a representative PEP, namely the Private Information Escrow Bound to Multiple Conditions Protocol (PIEMCP). Formal semantics of the CPN specification allow us to reason about various security properties of PIEMCP using state space analysis techniques. This investigation provides us with preliminary insights for modeling and verification of PEPs in general, demonstrating the benefit of applying the CPN-based formal approach to proving the correctness of PEPs.
Citation countsare sourced monthly fromand citation databases.
These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
|Item Type:||Conference Paper|
|Keywords:||coloured petri nets, state space analysis, privacy protocols, anonymous credential system, security|
|Subjects:||Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTATION THEORY AND MATHEMATICS (080200) > Computational Logic and Formal Languages (080203)|
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTATION THEORY AND MATHEMATICS (080200) > Applied Discrete Mathematics (080202)
|Divisions:||Past > QUT Faculties & Divisions > Faculty of Science and Technology|
Past > Schools > School of Information Technology
Past > Institutes > Information Security Institute
Past > Schools > School of Information Systems
|Copyright Owner:||Copyright 2009 Springer-Verlag Berlin Heidelberg|
|Deposited On:||20 Jan 2010 14:30|
|Last Modified:||01 Mar 2012 00:04|
Repository Staff Only: item control page