A Proposed Framework for Analysing Security Ceremonies

Add to your list(s) Download to your calendar using vCal

• Jean Martina (Federal University of Santa Catarina / Brazil)
• Tuesday 28 February 2012, 13:00-14:00
• Computer Laboratory, William Gates Building, Room SS03.

If you have a question about this talk, please contact William Denman.

The concept of ceremony as an extension to network and security protocols was introduced by Ellison. No methods or tools to check correctness or the properties in such ceremonies are currently available. The applications for security ceremonies are vast and ll gaps left by strong assumptions in security protocols, like provisioning of cryptographic keys or correct human interaction. Moreover, no tools are available to check how knowledge is distributed among human peers and in their interaction with other humans and computers in these scenarios. The key component in this paper is the formalisation of human knowledge distribution in security ceremonies. By properly enlisting human expectations and interactions in security protocols, we can minimise the ill-described assumptions we usually see failing. Taking such issues into account when designing or verifying protocols can help us to better understand where protocols are more prone to break due to human constraints.

This talk is part of the Computer Laboratory Automated Reasoning Group Lunches series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Computer Laboratory Automated Reasoning Group Lunches
• Computer Laboratory Security Group - Talks of Interest
• Computer Laboratory Security Seminar
• Computer Laboratory talks
• Computer Laboratory, William Gates Building, Room SS03
• School of Technology
• de239's list

Note that ex-directory lists are not shown.