Designing a security protocol is a complex process that requires a deep understanding of security principles and best practices. To ensure protocol effectiveness and resilience against attacks, it is important to strengthen security by design by supporting the designer with an easy-to-use, concise, and simple notation to design security protocols in a way that the protocol model could be easily mapped into the input model a verification tool to guarantee security properties. To achieve the goal of developing a DSL language for security protocol design, working as the front-end and easy-to-use language of a formal framework able to support different back-end tools for security protocol analysis, we present the abstract and concrete syntaxes of the Kant (Knowledge ANalysis of Trace) language. We also present a set of validation rules that we have defined to help the designer, already at design time, to avoid common security errors or to warn him/her regarding choices that might lead to protocol vulnerabilities. The effectiveness of Kant’s expressiveness is discussed in terms of a number of case studies where Kant has been used for modeling protocols.
Kant: A Domain-Specific Language for Modeling Security Protocols / C. Braghin, M. Lilli, E. Riccobene, E. Notari, M. Baba - In: Proceedings of the 12th International Conference on Model-Based Software and Systems Engineering MODELSWARD. 1 / [a cura di] F.J. Domínguez Mayo, L. Ferreira Pires, E. Seidewitz. - [s.l] : SciTePress, 2024. - ISBN 978-989-758-682-8. - pp. 62-73 (( convegno Conference on Model-Based Software and Systems Engineering (MODELSWARD) tenutosi a Roma nel 2024 [10.5220/0012386400003645].
Kant: A Domain-Specific Language for Modeling Security Protocols
C. BraghinPrimo
;M. Lilli;E. Riccobene;
2024
Abstract
Designing a security protocol is a complex process that requires a deep understanding of security principles and best practices. To ensure protocol effectiveness and resilience against attacks, it is important to strengthen security by design by supporting the designer with an easy-to-use, concise, and simple notation to design security protocols in a way that the protocol model could be easily mapped into the input model a verification tool to guarantee security properties. To achieve the goal of developing a DSL language for security protocol design, working as the front-end and easy-to-use language of a formal framework able to support different back-end tools for security protocol analysis, we present the abstract and concrete syntaxes of the Kant (Knowledge ANalysis of Trace) language. We also present a set of validation rules that we have defined to help the designer, already at design time, to avoid common security errors or to warn him/her regarding choices that might lead to protocol vulnerabilities. The effectiveness of Kant’s expressiveness is discussed in terms of a number of case studies where Kant has been used for modeling protocols.File | Dimensione | Formato | |
---|---|---|---|
123864.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
434.36 kB
Formato
Adobe PDF
|
434.36 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.