Abstract
Frequently, inventors of an attack desperately try to find reasons why the victim of the attack should have initiated a protocol run with an intruder when it is blatantly obvious that there is no intruder anywhere to be seen but there is a misbehaving insider. Security models where the antagonist is an insider are much more relevant to the electronic commerce scenario which today drives much work on security protocols and cryptography. This is another example of a general problem in security. Too often, the concepts used to discuss security do not fit the security issues we are trying to address.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Michael Burrows, Mart⥶ Abadi, and Roger Needham. A logic of authentication. DEC Systems Research Center, Report 39, revised February 22 1990.
Dieter Gollmann. What do we mean by entity authentication? In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 46–54, 1996.
Gavin Lowe. An attack on the Needham-Schroeder public-key authentication protocol. Information Processing Letters, 56(3):131–133, 1995.
Gavin Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of TACAS, pages 147–166. Springer LNCS 1055, 1996.
Gavin Lowe. Some new attacks upon security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 162–169, 1996.
Roger M. Needham and M.D. Schroeder. Using encryption for authentication in large networks of computers. CACM, 21:993–999, 1978.
Lawrence C. Paulson. The inductive approach to verifying cryptographic protocols. Technical Report 443, Computer Laboratory, University of Cambridge, February 1998.
A.W. Roscoe. Intensional specifications of security protocols. In Proceedings of the 9th IEEE Computer Security Foundations Workshop, pages 28–38, 1996.
Paul Syverson. Adding time to a logic of authentication. In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 97–101, 1993.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gollmann, D. (1998). Insider Fraud. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds) Security Protocols. Security Protocols 1998. Lecture Notes in Computer Science, vol 1550. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49135-X_29
Download citation
DOI: https://doi.org/10.1007/3-540-49135-X_29
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65663-0
Online ISBN: 978-3-540-49135-4
eBook Packages: Springer Book Archive