Design of Entrusting Protocols for Software Protection

Desnitsky, Vasily; Kotenko, Igor

doi:10.1007/978-3-642-00304-2_21

Vasily Desnitsky⁵ &
Igor Kotenko⁵

Part of the book series: Lecture Notes in Geoinformation and Cartography ((LNGC))

812 Accesses
1 Citations

Abstract

The paper considers the problem of design and analysis of entrusting protocols used within software protection mechanisms, including the protection mechanisms for Geographical Information Systems (GIS). The main goal of these mechanisms is to protect software against malicious tampering accomplished by potential intruders. The given protocol set is intended for data exchange between the trusted server and the client program being protected as necessary for the entire protection mechanism function. The paper presents the main security requirements for the entrusting protocols and their analysis. The model of the intruder attempting to fulfill attacks on the protocol to compromise it as well as issues connected with protocol implementation are considered. We propose the general technique to design these types of protocols, including formal methods of protocol construction and analysis. Specifically, besides conventional protocol development methods that embrace the search of possible attacks on the protocol (including formal means), consequent protocol correction, and formal verification, the paper considers the methods of automatic synthesis proposing correct-by-construction protocol design.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Hardcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bellare M, Canetti R, and Krawczyk H (1996) Keying hash functions for message authentication, Advances in Cryptology. CRYPTO '96. Lecture Notes in Computer Science, vol 1109, Springer-Verlag
Google Scholar
Boichut Y, Heam P-C, Kouchnarenko O (2005) Automatic Verification of Security Protocols Using Approximations, INRIA Research ReportBoichut Y, Heam P-C, Kouchnarenko O (2005) Automatic Verification of Security Protocols Using Approximations, INRIA Research Report
Google Scholar
Ceccato M, Ofek Y, and Tonella P (2008) Remote entrusting by run- time software authentication. SOFSEM 2008 - Conference on Current Trends in Theory and Practice of Computer Science, Tatras, Slovakia
Google Scholar
Cederquist J, Dashti MT (2006) An intruder model for verifying liveness in security protocols. In: Proceedings of the fourth ACM workshop on Formal methods in security, Alexandria, Virginia, USA
Google Scholar
Chen H (2007) A Search-Based Framework for Security Protocol Synthesis. The University of York, Department of Computer Science
Google Scholar
Ellison C, Schneier B (2000) Ten Risks of PKI: What you're not being told about public key infrastructure. J Computer Security Journal 16(1)
Google Scholar
Khan AS, Mukund M, Suresh SP (2005) Generic verification of security protocols. In: Proceedings of SPIN 2005, LNCS, vol 3639
Google Scholar
Lampson B, Abadi M, Burrows M, Wobber E (1992) Authentication in distributed systems: theory and practice. ACM Trans. on Computer Systems 10( 4)
Google Scholar
Plasto D (2004) Automated analysis of industrial scale security protocols. Bond University, Faculty of Information Technology
Google Scholar
Zhou H, Foley SN (2003) Fast Automatic Synthesis of Security Protocols using Backward Search. In: Proceedings of the 2003 ACM Workshop on Formal Methods in Security Engineering (FMSE'03). Washington, DC
Google Scholar
Zhou H, Foley SN (2004) A collaborative approach to autonomic security protocols. In: Proceedings of the 2004 workshop on New Security Paradigms. Canada
Google Scholar

Download references

Author information

Authors and Affiliations

St. Petersburg Institute for Informatics and Automation of RAS, Liniya V.O, Petersburg, 199178, Russia
Vasily Desnitsky & Igor Kotenko

Authors

Vasily Desnitsky
View author publications
You can also search for this author in PubMed Google Scholar
Igor Kotenko
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vasily Desnitsky .

Editor information

Editors and Affiliations

39, 14th Linia, V.O., 199178, St. Petersburg, Russia
Vasily V. Popovich (Deputy Director of SPIIRAS for Research, Professor, Dr Sci Tech) (Deputy Director of SPIIRAS for Research, Professor, Dr Sci Tech)
Naval Academy Research Institute, Lanveoc-Poulmic BP 600, F-29240, Brest Naval, France
Christophe Claramunt
GmbH Central European Institute of Technology Department of Urbanism, Transport, Environment and Information Society, CEIT ALANOVA gemeinnützige, Am Concorde Park 2, Gebäude F, A-2320, Schwechat, Austria
Manfred Schrenk
B1320 1176 Howell St., Newport, RI, 02841-1708, USA
Kyrill V. Korolenko P.E. (Chief Scientist/NUWC Code 1543) (Chief Scientist/NUWC Code 1543)

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Desnitsky, V., Kotenko, I. (2009). Design of Entrusting Protocols for Software Protection. In: Popovich, V.V., Claramunt, C., Schrenk, M., Korolenko, K.V. (eds) Information Fusion and Geographic Information Systems. Lecture Notes in Geoinformation and Cartography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00304-2_21

Download citation

DOI: https://doi.org/10.1007/978-3-642-00304-2_21
Published: 07 April 2009
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00303-5
Online ISBN: 978-3-642-00304-2
eBook Packages: Earth and Environmental ScienceEarth and Environmental Science (R0)

Publish with us

Policies and ethics