A Proposed Framework for Analysing Security Ceremonies

Marcelo Carlomagno Carlos; Jean Everson Martina; Geraint Price; Ricardo Felipe Custódio

doi:10.5220/0004129704400445

A Proposed Framework for Analysing Security Ceremonies

Marcelo Carlomagno Carlos, Jean Everson Martina, Geraint Price, Ricardo Felipe Custódio

2012

Abstract

The concept of a ceremony as an extension of network and security protocols was introduced by Ellison. There are no currently available methods or tools to check correctness of the properties in such ceremonies. The potential application for security ceremonies are vast and fill gaps left by strong assumptions in security protocols. Assumptions include the provision of cryptographic keys and correct human interaction. Moreover, no tools are available to check how knowledge is distributed among human peers nor their interaction with other humans and computers in these scenarios. The key component of this position paper is the formalisation of human knowledge distribution in security ceremonies. By properly enlisting human expectations and interactions in security protocols, we can minimise the ill-described assumptions we usually see failing. Taking such issues into account when designing or verifying protocols can help us to better understand where protocols are more prone to break due to human constraints.

Download

Paper Citation

in Harvard Style

Carlomagno Carlos M., Everson Martina J., Price G. and Felipe Custódio R. (2012). A Proposed Framework for Analysing Security Ceremonies . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 440-445. DOI: 10.5220/0004129704400445

in Bibtex Style

@conference{secrypt12,
author={Marcelo Carlomagno Carlos and Jean Everson Martina and Geraint Price and Ricardo Felipe Custódio},
title={A Proposed Framework for Analysing Security Ceremonies},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={440-445},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004129704400445},
isbn={978-989-8565-24-2},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - A Proposed Framework for Analysing Security Ceremonies
SN - 978-989-8565-24-2
AU - Carlomagno Carlos M.
AU - Everson Martina J.
AU - Price G.
AU - Felipe Custódio R.
PY - 2012
SP - 440
EP - 445
DO - 10.5220/0004129704400445