Designing a security protocol is a complex process that requires a deep understanding of security principles and best practices. To ensure protocol effectiveness and resilience against attacks, it is important to strengthen security by design by supporting the designer with an easy-to-use, concise, and simple notation to design security protocols in a way that the protocol model could be easily mapped into the input model a verification tool to guarantee security properties. To achieve the goal of developing a DSL language for security protocol design, working as the front-end and easy-to-use language of a formal framework able to support different back-end tools for security protocol analysis, we present the abstract and concrete syntaxes of the Kant (Knowledge ANalysis of Trace) language. We also present a set of validation rules that we have defined to help the designer, already at design time, to avoid common security errors or to warn him/her regarding choices that might lead to protocol vulnerabilities. The effectiveness of Kant’s expressiveness is discussed in terms of a number of case studies where Kant has been used for modeling protocols.

Kant: A Domain-Specific Language for Modeling Security Protocols / C. Braghin, M. Lilli, E. Riccobene, E. Notari, M. Baba - In: Proceedings of the 12th International Conference on Model-Based Software and Systems Engineering MODELSWARD. 1 / [a cura di] F.J. Domínguez Mayo, L. Ferreira Pires, E. Seidewitz. - [s.l] : SciTePress, 2024. - ISBN 978-989-758-682-8. - pp. 62-73 (( convegno Conference on Model-Based Software and Systems Engineering (MODELSWARD) tenutosi a Roma nel 2024 [10.5220/0012386400003645].

Kant: A Domain-Specific Language for Modeling Security Protocols

C. Braghin
Primo
;
M. Lilli;E. Riccobene;
2024

Abstract

Designing a security protocol is a complex process that requires a deep understanding of security principles and best practices. To ensure protocol effectiveness and resilience against attacks, it is important to strengthen security by design by supporting the designer with an easy-to-use, concise, and simple notation to design security protocols in a way that the protocol model could be easily mapped into the input model a verification tool to guarantee security properties. To achieve the goal of developing a DSL language for security protocol design, working as the front-end and easy-to-use language of a formal framework able to support different back-end tools for security protocol analysis, we present the abstract and concrete syntaxes of the Kant (Knowledge ANalysis of Trace) language. We also present a set of validation rules that we have defined to help the designer, already at design time, to avoid common security errors or to warn him/her regarding choices that might lead to protocol vulnerabilities. The effectiveness of Kant’s expressiveness is discussed in terms of a number of case studies where Kant has been used for modeling protocols.
Language Validation; Model-Driven Language Engineering; Security Protocol Specification and Analysis
Settore INF/01 - Informatica
2024
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
123864.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 434.36 kB
Formato Adobe PDF
434.36 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/1091172
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact