Abstract
Pekka Nikander: Do you have any feeling for how much of this system you can model?
Reply: It’s a moveable feast: you can choose the boundary. But if you don’t have any boundary at all then I don’t think you’ve got enough context...you need to talk about conditions that are established through combinations of sub-protocols, and they have to be in context. I think it’s not just a simple matter of fact, of saying “OK, we’ll just work with the protocol and hope everything else will go away.” It won’t. And I don’t yet know where to stop.
Bruce Christianson: When you say “the protocol” I assume you’re using that in a narrow sense of just meaning the messages and the state of the protocol itself, is that right? It’s clear that you need to model some of the other aspects of those systems on which the protocols run.
Reply: Yes, that’s where I was coming from. I originally started doing this work on very constrained message sequence charts. When people asked if I could prove completeness, I said that there may be a key to prove completeness for this very narrow class of protocols, but what was the point, because the real problems were all around the side. You need to broaden out the model and then completeness questions probably disappear.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Monahan, B. (2005). From Security Protocols to Systems Security. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_38
Download citation
DOI: https://doi.org/10.1007/11542322_38
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28389-8
Online ISBN: 978-3-540-31836-1
eBook Packages: Computer ScienceComputer Science (R0)