http://www.cnr.it/ontology/cnr/individuo/prodotto/ID83585
Retaliation: Can We Live with Flaws? (Contributo in atti di convegno)
- Type
- Label
- Retaliation: Can We Live with Flaws? (Contributo in atti di convegno) (literal)
- Anno
- 2006-01-01T00:00:00+01:00 (literal)
- Alternative label
[1] Bistarelli S., [2] Bella G., [3] Masacci F. (2006)
Retaliation: Can We Live with Flaws?
in NATO ARW Information Security Assurance and Security 2005 (ARWIAS'05), Tetuan (Marocco), 3-4 Jun 2006
(literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori
- [1] Bistarelli S., [2] Bella G., [3] Masacci F. (literal)
- Pagina inizio
- Pagina fine
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#altreInformazioni
- Codice Puma: cnr.iit/2006-A2-019 (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni
- [1] CNR-IIT, Pisa, Italy; [2]Dipartimento di Matematica e Informatica, Università di Catania, Catania, Italy; [3] Dipartimento di Informatica e Telecomunicazioni, Università di Trento, Trento, Italy (literal)
- Titolo
- Retaliation: Can We Live with Flaws? (literal)
- Abstract
- Security protocols intend to give their parties reasonable assurance that certain security properties will protect their communication session. However, the literature confirms that the protocols may suffer subtle and hidden attacks. Flawed protocols are customarily sent back to the design process, but the costs of reengineering a deployed protocol may be prohibitive. This paper outlines the concept of retaliation: who would steal a sum of money today, should this pose significant risks of having twice as much stolen back tomorrow? Attacks are always balanced decisions: if an attack can be retaliated, the economics of security may convince us to live with a flawed protocol. This new perspective requires a new threat model where any party may decide to subvert the protocol for his own sake, depending on the risks of retaliation. This threat model, which for example is also suitable to studying non-repudiation protocols, seems more appropriate than the Dolev-Yao model to the present technological/social setting. (literal)
- Editore
- Prodotto di
- Autore CNR
- Insieme di parole chiave
Incoming links:
- Prodotto
- Autore CNR di
- Editore di
- Insieme di parole chiave di