Security protocol participants are software and/or hardware agents that are - as with any system - potentially vulnerable to failure. Protocol analysis should extend not just to an analysis of the protocol specification, but also to its implementation and configuration in its target environment. However, an in-depth formal analysis that considers the behaviour and interaction of all components in their environment is not feasible in practice. This paper considers the analysis of protocol deployment rather than implementation. Instead of concentrating on detailed semantics and formal verification of the protocol and implementation, we are concerned more with with the ability to trace, at a practical level of abstraction, how the protocol deployment, that is, the configuration of the protocol components, relate to each other and the overall protocol goals. We believe that a complete security verification of a system is not currently achievable in practice and seek some degree of useful feedback from an analysis that a particular protocol deployment is reasonable. © 2011 Springer-Verlag.
CITATION STYLE
Foley, S. N., Bella, G., & Bistarelli, S. (2011). Security protocol deployment risk. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6615 LNCS, pp. 12–20). https://doi.org/10.1007/978-3-642-22137-8_3
Mendeley helps you to discover research relevant for your work.