## A Modeling Framework for the Development of Provably Secure E-Commerce Applications

Citations: 3 (1 self)

### BibTeX

@MISC{Moebius_amodeling,
  author = {Nina Moebius and Dominik Haneberg and Wolfgang Reif and Gerhard Schellhorn},
  title = {A Modeling Framework for the Development of Provably Secure E-Commerce Applications},
  year = {2007},
  note = {International Conference on Software Engineering Advances (ICSEA 2007)}
}


### Abstract

Developing security-critical applications is very difficult, and the past has shown that many applications turned out to be erroneous only after years of use. For this reason it is desirable to have a sound methodology for developing security-critical E-Commerce applications. We present an approach to model these applications with the Unified Modeling Language (UML) [1], extended by a UML profile that tailors our models to security applications. Our intent is to (semi-)automatically generate both a formal specification suitable for verification and an implementation from the model. To this end we offer a development method that seamlessly integrates semi-formal methods, formal methods and the implementation. This is a significant advantage compared to other approaches that do not deal with all aspects from abstract models down to code. Based on this approach we can prove security properties on the abstract protocol level as well as the correctness of the protocol implementation in Java with respect to the formal model, using the refinement approach. In this paper we concentrate on the modeling with UML and some details regarding the transformation of this model into the formal specification. We illustrate our approach on an electronic payment system called Mondex [10]. Mondex has become famous for being the target of the first ITSEC evaluation at the highest level, E6, which requires formal specification and verification.

### Citations

[18] Breaking and fixing the Needham-Schroeder public-key protocol using FDR
- Lowe
- 1996
Context: ...er and Communication Model To verify cryptographic protocols it is necessary to formally specify the communication infrastructure as well as an attacker model. Almost all formal approaches (e.g. [17] [18]) for verifying cryptographic protocols use a rather simple model of communication and the Dolev-Yao threat model. There, no constraints regarding the communication structure are given and it is assume...

[19] The Inductive Approach to Verifying Cryptographic Protocols
- Paulson
- 1998
Context: ...nts. A segment of the type document represented as a class diagram that is relevant for the paper is given in Fig. 6. The specification of documents corresponds to the definition of messages given in [19]. A document is either an empty document emptydoc, an intdoc (containing an integer), a keydoc (containing a key), a noncedoc (containing a nonce), a se... (Fig. 6: Segment of the generic data type document)

[16] Applying UML and patterns: An introduction to object-oriented analysis and design and the unified process
- Larman
- 2001
Context: ...agrams that are used to build the formal model (see below). C. Conceptual Model The conceptual model of our application is comparable to a domain model known from object oriented software engineering [16]. It is a class diagram containing a set of conceptual classes, attributes and associations. Some UML elements are annotated with stereotypes that are needed to describe the applications we are intere...

[20] Secure Systems Development with UML
- Jürjens
- 2004
Context: ...lementation is a refinement of the abstract formal model [4] by using the Java Calculus [8] [9] implemented in KIV. The major advantage of our approach with respect to other existing techniques (e.g. [20]) is that we give a method seamlessly integrating modelling, formal methods as well as an implementation. In this paper we describe the first part of the development process, i.e. the modeling of the ...

[17] Inductive analysis of the Internet protocol TLS
- Paulson
Context: ...ttacker and Communication Model To verify cryptographic protocols it is necessary to formally specify the communication infrastructure as well as an attacker model. Almost all formal approaches (e.g. [17] [18]) for verifying cryptographic protocols use a rather simple model of communication and the Dolev-Yao threat model. There, no constraints regarding the communication structure are given and it is a...
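The attacker and communication model quoted in the contexts for [17] and [18], together with the generic document type sketched in the context for [19], can be made concrete as a small Dolev-Yao knowledge engine over Paulson-style messages. The following Python is an added example; it is not code from the paper, from KIV or from the authors' UML profile. The constructors emptydoc, intdoc, keydoc and noncedoc are the ones the paper names; the list and encryption constructors, the key naming scheme (`pub_X`/`priv_X`, symmetric keys self-inverse) and the sample exchange between two purses are assumptions modelled on Paulson's message datatype, which the paper says its document type follows.

```python
"""Dolev-Yao attacker knowledge over a Paulson-style message ("document") algebra.

Added example; not code from the paper, from KIV or from the authors' UML profile.
emptydoc/intdoc/keydoc/noncedoc follow the paper.  DocList and EncDoc, the key
naming (pub_X/priv_X, symmetric keys self-inverse) and the sample purse exchange
below are ASSUMPTIONS modelled on Paulson's message datatype.
"""
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Tuple, Union


@dataclass(frozen=True)
class EmptyDoc:
    """emptydoc: the empty document."""


@dataclass(frozen=True)
class IntDoc:
    """intdoc: an integer (an amount, a counter); integers are public knowledge."""
    value: int


@dataclass(frozen=True)
class KeyDoc:
    """keydoc: a cryptographic key, named by a string."""
    key: str


@dataclass(frozen=True)
class NonceDoc:
    """noncedoc: a fresh nonce; unguessable unless it has been observed."""
    nonce: str


@dataclass(frozen=True)
class DocList:
    """ASSUMED constructor: concatenation of documents (Paulson's MPair)."""
    items: Tuple["Doc", ...]


@dataclass(frozen=True)
class EncDoc:
    """ASSUMED constructor: body encrypted under key (Paulson's Crypt)."""
    key: str
    body: "Doc"


Doc = Union[EmptyDoc, IntDoc, KeyDoc, NonceDoc, DocList, EncDoc]


def inverse_key(key: str) -> str:
    """Key needed to undo encryption under `key` (assumed naming scheme)."""
    if key.startswith("pub_"):
        return "priv_" + key[len("pub_"):]
    if key.startswith("priv_"):
        return "pub_" + key[len("priv_"):]
    return key  # symmetric keys are their own inverse


def analz(observed: Iterable[Doc]) -> FrozenSet[Doc]:
    """Everything the attacker can extract from the observed messages.

    Least fixpoint of: split lists, and decrypt any EncDoc whose inverse key is
    already known.  Cryptography itself is never broken (Dolev-Yao assumption).
    """
    known = set(observed)
    changed = True
    while changed:
        changed = False
        for doc in list(known):
            if isinstance(doc, DocList):
                parts = set(doc.items)
            elif isinstance(doc, EncDoc) and KeyDoc(inverse_key(doc.key)) in known:
                parts = {doc.body}
            else:
                continue
            new = parts - known
            if new:
                known |= new
                changed = True
    return frozenset(known)


def synth(target: Doc, known: FrozenSet[Doc]) -> bool:
    """Can the attacker compose `target` from `known` by listing and encrypting?"""
    if target in known or isinstance(target, (EmptyDoc, IntDoc)):
        return True  # any integer can be guessed
    if isinstance(target, DocList):
        return all(synth(item, known) for item in target.items)
    if isinstance(target, EncDoc):
        return KeyDoc(target.key) in known and synth(target.body, known)
    return False  # an unseen key or nonce cannot be produced


def attacker_can_derive(target: Doc, observed: Iterable[Doc]) -> bool:
    """The Dolev-Yao question: having seen `observed`, can the attacker send `target`?"""
    return synth(target, analz(observed))


# Constructed sample exchange (not from the paper): purse A sends purse B an
# amount together with a fresh nonce under a shared symmetric key k_AB.
K_AB = KeyDoc("k_AB")
NONCE_A = NonceDoc("n_A")
MSG_A_TO_B = EncDoc("k_AB", DocList((NONCE_A, IntDoc(50))))
FORGED = EncDoc("k_AB", DocList((NONCE_A, IntDoc(5000))))

if __name__ == "__main__":
    print("nonce from ciphertext alone:", attacker_can_derive(NONCE_A, [MSG_A_TO_B]))
    print("nonce once k_AB leaks:      ", attacker_can_derive(NONCE_A, [MSG_A_TO_B, K_AB]))
    print("forge amount without k_AB:  ", attacker_can_derive(FORGED, [MSG_A_TO_B]))
```

`analz` is what the attacker who reads every message on the channel can extract without breaking cryptography, and `synth` is what it can then put on the channel; a protocol-level security property such as "the attacker never learns n_A" is the statement that `synth` fails for the secret on every reachable trace. In the paper's setting this is the part expressed by the algebraic specification of the attacker, while the ASMs supply the protocol traces it is checked against.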

[5] Evolving Algebras 1993: Lipari Guide. Specification and Validation Methods
- Gurevich
- 1995
Context: ...or generation of code. This is solved by defining a mapping from the semiformal to a formal presentation using Abstract State Machines (ASM). These have a well-defined and relatively simple semantics [5] [6]. Our formal specification is a combination of algebraic specifications and ASMs. Algebraic specifications are used for the description of the used data types as well as the attacker model. ASMs a...

[7] Formal system development with KIV
- Balser, Reif, et al.
- 2000
Context: ...c specifications are used for the description of the used data types as well as the attacker model. ASMs are used for the protocol dynamics. For verification we use the interactive theorem prover KIV [7]. Our aim is to generate Java resp. JavaCard code for smart card applications. Our group proposes a method to prove that an implementation is a refinement of the abstract formal model [4] by using the...

[6] Abstract State Machines: A Method for High-Level System Design and Analysis
- Börger, Stärk
- 2003
Context: ...eneration of code. This is solved by defining a mapping from the semiformal to a formal presentation using Abstract State Machines (ASM). These have a well-defined and relatively simple semantics [5] [6]. Our formal specification is a combination of algebraic specifications and ASMs. Algebraic specifications are used for the description of the used data types as well as the attacker model. ASMs are u...

[9] A formally verified calculus for full Java Card
- Stenzel
- 2004
Context: ...erate Java resp. JavaCard code for smart card applications. Our group proposes a method to prove that an implementation is a refinement of the abstract formal model [4] by using the Java Calculus [8] [9] implemented in KIV. The major advantage of our approach with respect to other existing techniques (e.g. [20]) is that we give a method seamlessly integrating modelling, formal methods as well as an i...

[3] The Mondex challenge: Machine checked proofs for an electronic purse
- Schellhorn, Grandy, et al.
- 2006
Context: ...ML models International Conference on Software Engineering Advances (ICSEA 2007) 0-7695-2937-2/07 $25.00 © 2007 • The formulation and verification of security properties based on the formal model ([2] [3]) • The running code and the proof that the implementation is a refinement of the formal model ([4]) UML describes different views on various parts of a system. There exist several kinds of diagrams e...

[11] First steps in the verified software grand challenge
- Woodcock
Context: ...more, if a transaction fails, no money should be lost. The Mondex case study recently received a lot of attention because its formal verification has been set up as a challenge for verification tools [11] that several groups [14] [12] work on. For Mondex, several approaches dealing with formal methods and verification exist. But, they are not combined with an engineering discipline for system developm...

[21] Tool supported Specification and Simulation of Distributed Systems
- Huber, Molterer, et al.
- 1998
Context: ...es on the modeling of applications while our approach integrates a verification technique and generation of code. Another approach dealing with modeling of security-critical applications is Autofocus [21]. Autofocus is a CASE tool for the design and verification of distributed and embedded systems which uses a modeling language similar to UML. The verification is done automatically using a model-check...

[14] A systematic verification approach for Mondex electronic purses using ASMs
- Schellhorn, Grandy, et al.
- 2007
Context: ...ils, no money should be lost. The Mondex case study recently received a lot of attention because its formal verification has been set up as a challenge for verification tools [11] that several groups [14] [12] work on. For Mondex, several approaches dealing with formal methods and verification exist. But, they are not combined with an engineering discipline for system development. This approach fills ...

[2] Verification of Mondex electronic purses with KIV: from transactions to a security protocol
- Haneberg, Schellhorn, et al.
Context: ...he UML models • The formulation and verification of security properties based on the formal model ([2] [3]) • The running code and the proof that the implementation is a refinement of the formal model ([4]) UML describes different views on various parts of a system. There exist several kinds of diagra...

[22] A framework to simulate UML models: moving from a semi-formal to a formal environment
- Cavarra, Riccobene, et al.
- 2004
Context: ...ocus is a CASE tool for the design and verification of distributed and embedded systems which uses a modeling language similar to UML. The verification is done automatically using a model-checker. In [22] a framework to simulate UML models is presented. The authors introduce a mapping to translate UML models into Abstract State Machines. Afterwards the models are simulated with the aim of finding inco...

[4] A Refinement Method for Java Programs
- Grandy, Stenzel, et al.
- 2007
Context: ... • The formulation and verification of security properties based on the formal model ([2] [3]) • The running code and the proof that the implementation is a refinement of the formal model ([4]) UML describes different views on various parts of a system. There exist several kinds of diagrams emphasizing different aspects of an application. In our approach we use class diagrams to model the ...

[8] Verification of Java Card Programs. Ph.D. dissertation, Universität Augsburg, Fakultät für Angewandte Informatik. URL: http://www.opus-bayern.de/uni-augsburg/volltexte/2005/122/ or http://www.informatik.uni-augsburg.de/forschung/dissertations
- Stenzel
- 2005
Context: ... generate Java resp. JavaCard code for smart card applications. Our group proposes a method to prove that an implementation is a refinement of the abstract formal model [4] by using the Java Calculus [8] [9] implemented in KIV. The major advantage of our approach with respect to other existing techniques (e.g. [20]) is that we give a method seamlessly integrating modelling, formal methods as well as ...

[12] no title yet
- Jones, Woodcock, et al.
Context: ...no money should be lost. The Mondex case study recently received a lot of attention because its formal verification has been set up as a challenge for verification tools [11] that several groups [14] [12] work on. For Mondex, several approaches dealing with formal methods and verification exist. But, they are not combined with an engineering discipline for system development. This approach fills the g...

[15] The Mondex Case Study: From Specifications to Code. University of Augsburg
- Grandy, Moebius, et al.
- 2006
Context: ...that the "lost" money of the from purse can be recovered if both cards are presented at the bank and their exception logs are compared. Our implementation (by hand) of this case study can be found in [15]. III. THE MODELING FRAMEWORK In this section we present our modeling framework and exemplify the use of our UML profile. UML profiles are a standard mechanism to extend the scope of UML and Internati...