Tuesday, March 4, 2008

Insights into modeling security protocols by goal oriented models.

As I said earlier, I am working on goal-oriented models for security concepts. I’d like to show you what a goal model is. Here is an example of a goal model developed in the i* modeling notation. As you can see, this approach to modeling systems supports goal and task decomposition, expressing dependency chains, and the impacts of goals on each other.

Goal-oriented models often do not contain temporal information. This makes them the worst choice for expressing protocols, since the first concept required for modeling protocols is the concept of sequence. But why am I still interested in expressing security protocols with goal models? An authentication protocol can be very complicated. A description of the protocol and its sequences of messages may not be understandable as long as you don’t know why a message is sent to a party, or why it is encrypted or why it is not. It is also interesting to know which kind of attack threat, or which security goal, is the reason a message is encrypted. This may first help in understanding the sequence diagram of a protocol, and then it opens doors to further formal verification. This is where I need to study BAN in more detail.
