Abstract
Security protocols have been widely used to safeguard secure electronic transactions. We usually assume that principals are credible and shall not maliciously disclose their individual secrets to someone else. Nevertheless, it is impractical to completely ignore the possibility that some principals may collude in private to achieve a fraudulent or illegal purpose. Therefore, it is critical to address the possibility of collusion attacks in order to correctly analyse security protocols. This paper proposes a framework by which to detect collusion attacks in security protocols. The possibility of security threats from insiders is especially taken into account. The case study demonstrates that our methods are useful and promising in discovering and preventing collusion attacks.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, Q., Chen, YP.P., Zhang, S., Zhang, C. (2006). Detecting Collusion Attacks in Security Protocols. In: Zhou, X., Li, J., Shen, H.T., Kitsuregawa, M., Zhang, Y. (eds) Frontiers of WWW Research and Development - APWeb 2006. APWeb 2006. Lecture Notes in Computer Science, vol 3841. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11610113_27
DOI: https://doi.org/10.1007/11610113_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-31142-3
Online ISBN: 978-3-540-32437-9
eBook Packages: Computer Science, Computer Science (R0)