Back to University of Twente portal

Login

UTpublications

Home About Upload Latest Additions Statistics Contact

UT Student Theses

Dutch Academic Output Dutch Dissertations EU Publications (OpenAIRE)

Advanced search

A Formal Security Analysis of an OSA/Parlay Authentication Interface

Corin, R. and Di Caprio, G. and Etalle, S. and Gnesi, S. and Lenzini, G. and Moiso, C. (2005) A Formal Security Analysis of an OSA/Parlay Authentication Interface. [Report]

[img]

Preview

PDF
205Kb

Abstract:	We report on an experience in analyzing the security of the Trust and Security Management (TSM) protocol, an authentication procedure within the OSA/Parlay Application Program Interfaces (APIs) of the Open Service Access and Parlay Group. The experience has been conducted jointly by research institutes, experienced in security, and an industry experts in telecommunication networking. OSA/Parlay APIs are designed to enable the creation of telecommunication applications outside the traditional network space and business model. Network operators consider the OSA/Parlay architecture promising for stimulating the development of web-service applications by third party providers which are not necessarily expert in telecommunication and security. The TSM protocol is executed by the gateways to OSA/Parlay networks; its role is to authenticate client applications trying to access the interfaces of some object representing an offered network capability. For this reason, potential security flaws in the TSM authentication strategy can cause the unauthorized use of network with evident damages to the operator and to the quality of services. This paper reports the rigorous formal analysis of the TSM specification originally given in UML; the design activity of the formal model, the tool-aided verification performed, and the security flaws discovered.
Item Type:	Report
Copyright:	© 2005 CTIT
Faculty:	Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:	Distributed and Embedded Systems (DIES)
Link to this item:	http://purl.utwente.nl/publications/57049
Export this item as:	BibTeX EndNote HTML Citation Reference Manager

Show download statistics for this publication

Repository Staff Only: item control page

Metis ID: 248095

Education
▪ Behavioural Sciences
▪ Management and Governance
▪ Engineering Technology
▪ Electrical Engineering, Mathematics and Computer Science
▪ Science and Technology
▪ Geo-Information Science and Earth Observation
▪ Overview programmes

Research
▪ Centre for Telematics and Information Technology
▪ Institute for Behavioral Research
▪ Institute for Innovation and Governance Studies
▪ Institute of Mechanics, Processes and Control
▪ Mesa+ Institute for Nanotechnology
▪ MIRA Biomedical Technology and Technical Medicine

Cooperation
▪ Alumni
▪ Universiteitsfonds
▪ Kennispark Twente
▪ Entrepreneurs
▪ The Science Shop
▪ Press