Chapter 3. Expressing protocol goals
Protocols are designed to achieve particular security properties in the presence of particular kinds and levels of threat. It should thus be part of the specification of the protocol to make explicit the kind of threat that it is designed to counter. For example, protocols for communication over satellite links might assume that a message can be overheard, that spoof messages can be generated, but that messages cannot be blocked. Alternatively, protocols might be designed for protection against an external intruder, but might rely on the assumption that all principals are honest. The threat models we have discussed are fairly generic, and for secrecy and authentication we will implicitly assume (unless stated ...
Get The Modelling and Analysis of Security Protocols: the CSP Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.