| dc.contributor.advisor | Hogrefe, Dieter Prof. Dr. | |
| dc.contributor.author | Al-Shadly, Saleh | |
| dc.date.accessioned | 2014-02-12T09:11:42Z | |
| dc.date.available | 2014-02-12T09:11:42Z | |
| dc.date.issued | 2014-02-12 | |
| dc.identifier.uri | http://hdl.handle.net/11858/00-1735-0000-0022-5E24-0 | |
| dc.identifier.uri | http://dx.doi.org/10.53846/goediss-4357 | |
| dc.identifier.uri | http://dx.doi.org/10.53846/goediss-4357 | |
| dc.identifier.uri | http://dx.doi.org/10.53846/goediss-4357 | |
| dc.language.iso | eng | de |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/ | |
| dc.subject.ddc | 510 | de |
| dc.title | Verification of Security Properties Using Formal Techniques | de |
| dc.type | doctoralThesis | de |
| dc.contributor.referee | Hogrefe, Dieter Prof. Dr. | |
| dc.date.examination | 2013-04-09 | |
| dc.description.abstracteng | Nowadays, the necessity of developing collaborative and distributed computing systems
makes networks, and specially Internet, the key element of the system design
process. Several new applications have been appeared in the Internet which require
a variety of security requirements must be ful lled. There are applications that exchange
sensitive and private information which must be secret and authentic. Other
applications (i.e. real-time applications) which require a certain level of quality of
service should be maintained. Thus, the traditional solutions can not ful ll the new
requirements. Usually, requirements such as con dentiality and integrity are provided
using cryptography. In current computing systems, cryptography should not
only provide those requirements but also it must guarantee other security requirements
such as non-repudiation, anonymity, DoS-resistance, and so on. Consequently,
new security protocols must be proposed in order to cover the continuous needs.
Due to distributed nature of security protocols and the hostile environment where
they are usually executed, the design of correct security protocols is di cult and
error-prone. Thus, analyzing their correctness is a crucial task. Formal methods
have been intensively used for analyzing con dentiality and integrity requirements
and there exists several automated tools for such analysis. However, the use of formal
methods for analyzing requirements such as DoS-resistance is still not mature
and an emergent eld. This research is concerned to study the application of formal
techniques in speci cation and veri cation of security requirements focusing on authentication,
secrecy and DoS-resistance requirements. Additionally, an attempt to
quantify the impact of denial of service attacks on the network and evaluate their
defense mechanisms is also presented.
Speci c outcomes of this work include:
A comprehensive survey of most important formal techniques and tools for
speci cation and veri cation of security protocols;
Analysis of authentication and secrecy requirements of an authentication protocol
of inter-domain handover using AVISPA toolkit;
Presenting the state-of-art of formal techniques of denial of modeling and
analysis of service as well as other DoS basic knowledge such as types of DoS
attacks, attack tools, defense mechanisms and strategies, etc;
Quantifying the impact of DoS attacks on networks and evaluating their active
defenses through simulation, and
Outlook for automating Meadows's cost-based framework using probabilistic
model checking. | de |
| dc.contributor.coReferee | Fu, Xiaoming Prof. Dr. | |
| dc.contributor.thirdReferee | Grabowski, Jens Prof. Dr. | |
| dc.contributor.thirdReferee | Eckart, Modrow Prof. Dr. | |
| dc.contributor.thirdReferee | Rieck, Konrad Prof. Dr. | |
| dc.contributor.thirdReferee | Waack, Stephan Prof. Dr. | |
| dc.subject.eng | Model checking | de |
| dc.subject.eng | Security protocols | de |
| dc.subject.eng | Security properties | de |
| dc.subject.eng | Formal methods | de |
| dc.subject.eng | Formal techniques | de |
| dc.identifier.urn | urn:nbn:de:gbv:7-11858/00-1735-0000-0022-5E24-0-3 | |
| dc.affiliation.institute | Fakultät für Mathematik und Informatik | de |
| dc.subject.gokfull | Informatik (PPN619939052) | de |
| dc.identifier.ppn | 778399419 | |