Title | ||
---|---|---|
Message confidentiality testing of security protocols: passive monitoring and active checking |
Abstract | ||
---|---|---|
Security protocols provide critical services for distributed communication infrastructures. However, it is a challenge to ensure the correct functioning of their implementations, particularly, in the presence of malicious parties. We study testing of message confidentiality – an essential security property. We formally model protocol systems with an intruder using Dolev-Yao model. We discuss both passive monitoring and active testing of message confidentiality. For adaptive testing, we apply a guided random walk that selects next input on-line based on transition coverage and intruder's knowledge acquisition. For mutation testing, we investigate a class of monotonic security flaws, for which only a small number of mutants need to be tested for a complete checking. The well-known Needham-Schroeder-Lowe protocol is used to illustrate our approaches. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1007/11754008_23 | TestCom |
Keywords | DocType | Volume |
dolev-yao model,security protocol,essential security property,message confidentiality testing,model protocol system,well-known needham-schroeder-lowe protocol,message confidentiality,mutation testing,passive monitoring,adaptive testing,active testing,monotonic security flaw,active checking,random walk | Conference | 3964 |
ISSN | ISBN | Citations |
0302-9743 | 3-540-34184-6 | 7 |
PageRank | References | Authors |
0.47 | 24 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Guoqiang Shu | 1 | 72 | 6.15 |
David Lee | 2 | 195 | 21.40 |