1-2hit |
Yi LIU Qingkun MENG Xingtong LIU Jian WANG Lei ZHANG Chaojing TANG
Electronic payment protocols provide secure service for electronic commerce transactions and protect private information from malicious entities in a network. Formal methods have been introduced to verify the security of electronic payment protocols; however, these methods concentrate on the accountability and fairness of the protocols, without considering the impact caused by timeliness. To make up for this deficiency, we present a formal method to analyze the security properties of electronic payment protocols, namely, accountability, fairness and timeliness. We add a concise time expression to an existing logical reasoning method to represent the event time and extend the time characteristics of the logical inference rules. Then, the Netbill protocol is analyzed with our formal method, and we find that the fairness of the protocol is not satisfied due to the timeliness problem. The results illustrate that our formal method can analyze the key properties of electronic payment protocols. Furthermore, it can be used to verify the time properties of other security protocols.
Victor R. L. SHEN Feng-Ho KUO Feipei LAI
As expert system technology gains wider acceptance in digital system design, the need to build and maintain a large scale knowledge base will assume greater importance. However, how to build a correct and efficient rule base is even a hard part in the knowledge-based system development. In this paper, we develop FARHDL (Frame-And-Rule-based Hardware Description Language) to form a knowledge base. The FARHDL is simple but powerful to specify the hardware requirements and can be directly simulated by PROLOG. Through the knowledge base transformed from FARHDL, a formal method can be developed to design, implement, and validate the digital hardware systems. Furthermore, behavioral properties, anomaly properties, structural properties, and timing properties are applied to analyze the requirements specification. The purposes of those properties are used to detect explicit/implicit incorrect specification clauses and to capture some desired requirements, such as completeness and consistency. Finally, the analysis results can be a useful tool for finding obscure problems in tricky digital system designs and can also aid in the development of formal specifications.