A Declarative Model for Reasoning about Form Security

Aaron Hunter

doi:10.5220/0005213604200425

A Declarative Model for Reasoning about Form Security

Aaron Hunter

2015

Abstract

We introduce a formal methodology for analysing the security of digital forms, by representing form signing procedures in a declarative action formalism. In practice, digital forms are represented as XML documents and the security of information is guaranteed through the use of digital signatures. However, the security of a form can be compromised in many different ways. For example, an honest agent might be convinced to make a commitment that they do not wish to make or they may be fooled into believing that another agent has committed to something when they have not. In many cases, these attacks do not require an intruder to break any form of encryption or digital signature; instead, the intruder simply needs to manipulate the way signatures are applied and forms are passed between agents. In this paper, we demonstrate that form signing procedures can actually be seen as a variation of the message passing systems used in connection with cryptographic protocols. We start with an existing declarative model for reasoning about cryptographic protocols in the Situation Calculus, and we show how it can be extended to identify security issues related to digital signatures, and form signing procedures. We suggest that our results could be used to help users create secure digital forms, using tools such as IBM’s Lotus Forms software.

Download

Paper Citation

in Harvard Style

Hunter A. (2015). A Declarative Model for Reasoning about Form Security . In Proceedings of the International Conference on Agents and Artificial Intelligence - Volume 2: ICAART, ISBN 978-989-758-074-1, pages 420-425. DOI: 10.5220/0005213604200425

in Bibtex Style

@conference{icaart15,
author={Aaron Hunter},
title={A Declarative Model for Reasoning about Form Security},
booktitle={Proceedings of the International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,},
year={2015},
pages={420-425},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005213604200425},
isbn={978-989-758-074-1},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,
TI - A Declarative Model for Reasoning about Form Security
SN - 978-989-758-074-1
AU - Hunter A.
PY - 2015
SP - 420
EP - 425
DO - 10.5220/0005213604200425