Automatic Abstraction Generation : How to Make an Expert Verification Technique for Security Protocols available to Non-expert Users
Résumé
The security problem for protocols with an unbounded number of sessios is in general undecidable. However, a solution may consist of performing reachability analysis on safety-preserving abstractions of security protocols. In order to make this technique available for high level specification languages like HLPSL and PROUVE, we define safe and sound abstractions of protocol transition systems into rewriting systems. These abstractions allow the automated generation of approximation functions to ensure soundness of the reachability analysis. As our main purpose is to automate in so far as possible the analysis of protocols for an unbounded number of sessions, our abstraction/approximation based approach provides an efficient verification tool, TA4SP. This way, the requirement of an expert user can be removed from the verification chain.
Origine : Fichiers produits par l'(les) auteur(s)