Skip to main content
SpringerLink
Log in

A Process-Oriented Model for Authentication on the Basis of a Coloured Petri Net

  • Conference paper
  • First Online:
Business Process Management (BPM 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2678))

Included in the following conference series:

Abstract

Public-key cryptography is a prerequisite for security in distributed systems and for reliable electronic commerce. The protection of public keys against attacks is the Achilles’ heel of public-key cryptography. It is the goal of public-key infrastructures to provide the authenticity of the public keys for its participants. Formal models (called trust models) contribute decisively to a deeper understanding of the desirable design principles for these infrastructures. The present paper gives a trust model on the basis of a coloured Petri net. The graphic representation of nets of this type makes them easily understandable even for unexperienced users. In an application in electronic commerce the process formalized by this Petri net will be embedded in a cryptographic protocol which again will be an important part of a larger business process. So, the model of this paper is a useful module in business processes that are common in electronic commerce.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Beth, T., Borcherding, M., Klein, B.: Valuation of trust in open systems. In: D. Gollmann (ed.): Proceedings 1994 Symposium on Research in Computer Security (ESORICS’94), Lecture Notes in Computer Science, Vol. 875. Springer, Berlin (1994) 3–18 2. Design/CPN online. http://www.daimi.au.dk/designCPN/

    Google Scholar 

  2. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22 (1976) 644–654

    Article  MATH  MathSciNet  Google Scholar 

  3. Henderson, M., Coulter, R., Dawson, E., Okamoto, E.: Modelling trust structures for public key infrastructures. In: L. Batten and J. Seberry (eds.): Proceedings of the 7th Australian Conference on Information Security Security and Privacy 2002 (ACISP’2002), Lecture Notes in Computer Science, Vol. 2384. Springer, Berlin (2002) 56–70

    Google Scholar 

  4. Jensen, K.: High-level Petri nets. In: A. Pagnoni, G. Rozenberg (eds.): Applications and Theory of Petri Nets, Informatik-Fachberichte, Berlin, Vol. 66. Springer, Berlin (1983) 166–180

    Google Scholar 

  5. Jensen, K.: Coloured Petri Nets: Basic Concepts, Analysis Methods and Practical Use, Volume I, Basic Concepts. Springer, Berlin (1997)

    Google Scholar 

  6. Jensen, K.: Coloured Petri Nets: Basic Concepts, Analysis Methods and Practical Use, Volume II, Analysis Methods. Springer, Berlin (1997)

    Google Scholar 

  7. Jensen, K.: Coloured Petri Nets: Basic Concepts, Analysis Methods and Practical Use, Volume III, Practical Use. Springer, Berlin (1997)

    Google Scholar 

  8. Jøsang, A.: An algebra for assessing trust in certification chains. In: J. Kochmar (ed.): Proceedings of the Network and Distributed Systems Security Symposium (NDSS’99), Internet Society (1999)

    Google Scholar 

  9. Kohlas, R., Maurer, U.: Confidence valuation in a public-key infrastructure based on uncertain evidence. In: Proceedings of the International Workshop on Practice and Theory in Public-Key Cryptography 2000 (PKC’2000), Lecture Notes in Computer Science, Vol. 1751. Springer, Berlin (2000) 93–112

    Google Scholar 

  10. Kohlas, R., Maurer, U.: Reasoning about public-key certification: On bindings between entities and public keys. IEEE Journal on Selected Areas in Communication 18 (2000) 591–600

    Google Scholar 

  11. Kristensen, L.M., Christensen, S., Jensen, K.: The practitioner’s guide to coloured Petri nets. International Journal on Software Tools for Technology Transfer 2 (1998) 98–132

    Article  MATH  Google Scholar 

  12. Maurer, U.: Modelling a public-key infrastructure. In: E. Bertino, H. Kurth, G. Martella, and E. Montolivo (eds.): Proceedings 1996 European Symposium on Research in Computer Security (ESORICS’96), Lecture Notes in Computer Science, Vol. 1146. Springer, Berlin (1996) 325–350

    Google Scholar 

  13. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton, Florida (1997)

    MATH  Google Scholar 

  14. R. Perlman: An overview of PKI trust models. IEEE Network 13 (1999) 38–43

    Article  Google Scholar 

  15. M.K. Reiter and S.G. Stubblebine: Toward acceptable metrics of authentication. In: Proceedings of the 1997 IEEE Computer Society Symposium on Research in Security and Privacy (1997) 10–20

    Google Scholar 

  16. M.K. Reiter and S.G. Stubblebine: Authentication metric analysis and design. ACM Trans. Information and Systems Security 2 (1999) 138–158

    Article  Google Scholar 

  17. Rivest, R.L., Shamir, A., Adleman, L: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21 (1978) 120–126

    Article  MATH  MathSciNet  Google Scholar 

  18. Stallings, W.: Network Security Essentials-Applications and Standards. Prentice Hall, Upper Saddle River, New Jersey (2000)

    Google Scholar 

  19. Stinson, D.R.: Cryptography: Theory and Practice. CRC Press, Boca Raton, Florida (1995)

    MATH  Google Scholar 

  20. Wölfl, T.: Automatische Schlüssel-Authentifizierung in einem formalen PKI-Modell. Work done in a student’s project, Institut für Wirtschaftsinformatik, Universität Regensburg, 2002

    Google Scholar 

  21. Yahalom, R., Klein, B., Beth, T.: Trust relationships in secure systems-a distributed authentication perspective. In: Proceedings of the 1993 IEEE Conference on Research in Security and Privacy (1993) 150–164.

    Google Scholar 

  22. Zimmermann, P.: PGP User’s Guide, Vol. I: Essential Topics. 1994

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institut für Wirtschaftsinformatik, Universität Regensburg, D-93040, Regensburg, Germany

    Peter Lory

Authors
  1. Peter Lory
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Information and Technology, Eindhoven University of Technology, P.O. Box 513, 5600 MB, Eindhoven, The Netherlands

    Wil M. P. van der Aalst

  2. Hasso Plattner Institute for Software Systems Engineering, Potsdam University, Prof.-Dr.-Helmert-Str. 2-3, 14482, Potsdam, Germany

    Mathias Weske

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lory, P. (2003). A Process-Oriented Model for Authentication on the Basis of a Coloured Petri Net. In: van der Aalst, W.M.P., Weske, M. (eds) Business Process Management. BPM 2003. Lecture Notes in Computer Science, vol 2678. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44895-0_16

Download citation

  • DOI: https://doi.org/10.1007/3-540-44895-0_16

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40318-0

  • Online ISBN: 978-3-540-44895-2

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation