CAJ | 학술논문

针对目前安全协议的设计方法存在方法抽象、适用范围小及复杂的特点,提出了一种新的安全协议设计方法.先给出协议中基件与组件的定义,分析组件的安全属性并基于组件设计能实现相应安全目标的单步协议;定义组合规则,确保不同的单步协议能够组合成为一个复合协议,同时各个单步协议还能实现各自的安全目标.至此,根据具体的应用背景选择合适的单步协议按照组合规则组合后便可得到满足需求的安全协议.该组合方法可将一个复杂协议分解为若干简单的单步协议,使得协议的设计与分析都易于实现.
침대목전안전협의적설계방법존재방법추상、괄용범위소급복잡적특점,제출료일충신적안전협의설계방법.선급출협의중기건여조건적정의,분석조건적안전속성병기우조건설계능실현상응안전목표적단보협의;정의조합규칙,학보불동적단보협의능구조합성위일개복합협의,동시각개단보협의환능실현각자적안전목표.지차,근거구체적응용배경선택합괄적단보협의안조조합규칙조합후편가득도만족수구적안전협의.해조합방법가장일개복잡협의분해위약간간단적단보협의,사득협의적설계여분석도역우실현.
Since the present design methods for security protocol are characterized by being Abstract, narrow application range and complexity, this paper presented a new approach to design security protocol. Firstly, it defined the concepts of the base case and the component in the protocol. Secondly, it analyzed the security attributes on the components, and designed the single-step protocols whieh can implement the special security goals based on the components. Finally, it defined composition rules allowing the combination of several single-step protocols part into a complicated protocol The rules cannot destroy the security properties established by each independent part. Then it can design socurity protocol by the choice and composition of the single-step protocols in speeific application situation, In other words, the composition framework permits the specification of a complex protocol to be decomposed into the specifications of simpler single-step protocols, and thus making the design and verification of the protocol easier to handle.