Skip to main content
SpringerLink
Log in

Insider Fraud

Position Paper

  • Conference paper
  • First Online:
Security Protocols (Security Protocols 1998)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1550))

Included in the following conference series:

Abstract

Frequently, inventors of an attack desperately try to find reasons why the victim of the attack should have initiated a protocol run with an intruder when it is blatantly obvious that there is no intruder anywhere to be seen but there is a misbehaving insider. Security models where the antagonist is an insider are much more relevant to the electronic commerce scenario which today drives much work on security protocols and cryptography. This is another example of a general problem in security. Too often, the concepts used to discuss security do not fit the security issues we are trying to address.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Michael Burrows, Mart⥶ Abadi, and Roger Needham. A logic of authentication. DEC Systems Research Center, Report 39, revised February 22 1990.

    Google Scholar 

  2. Dieter Gollmann. What do we mean by entity authentication? In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 46–54, 1996.

    Google Scholar 

  3. Gavin Lowe. An attack on the Needham-Schroeder public-key authentication protocol. Information Processing Letters, 56(3):131–133, 1995.

    Article  MATH  Google Scholar 

  4. Gavin Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of TACAS, pages 147–166. Springer LNCS 1055, 1996.

    Google Scholar 

  5. Gavin Lowe. Some new attacks upon security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 162–169, 1996.

    Google Scholar 

  6. Roger M. Needham and M.D. Schroeder. Using encryption for authentication in large networks of computers. CACM, 21:993–999, 1978.

    MATH  Google Scholar 

  7. Lawrence C. Paulson. The inductive approach to verifying cryptographic protocols. Technical Report 443, Computer Laboratory, University of Cambridge, February 1998.

    Google Scholar 

  8. A.W. Roscoe. Intensional specifications of security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 28–38, 1996.

    Google Scholar 

  9. Paul Syverson. Adding time to a logic of authentication. In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 97–101, 1993.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Microsoft Research Ltd, Cambridge, UK

    Dieter Gollmann

Authors
  1. Dieter Gollmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of Hertfordshire, Hatfield, AL10 9AB, UK

    Bruce Christianson

  2. Computer Laboratory, University of Cambridge, New Museums Site, Pembroke Street, Cambridge, CB2 3QG, UK

    Bruno Crispo

  3. Department of Computer Science, University of Turin, Corso Svizzera 185, I-10149, Turin, Italy

    Bruno Crispo

  4. Harlow Laboratories, Nortel Networks, London Road, Harlow, Essex, CM17 9NA, UK

    William S. Harbison

  5. Centre for Communications Systems Research, University of Cambridge, 10 Downing Street, Cambridge, CB2 3DS, UK

    Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gollmann, D. (1998). Insider Fraud. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds) Security Protocols. Security Protocols 1998. Lecture Notes in Computer Science, vol 1550. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49135-X_29

Download citation

  • DOI: https://doi.org/10.1007/3-540-49135-X_29

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-65663-0

  • Online ISBN: 978-3-540-49135-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation