Kailar逻辑的串空间语义

Kailar在1996年发表了“电子商务协议中的可追究性”一文，使得电子商务协议的形式化分析得到了重大的发展.但是Kailar逻辑的语义一直没有人提出来过，而逻辑的语义对于逻辑的正确性是至关重要的.本文的主要工作就是给出了Kailar逻辑的串空间语义，从语义的角度证明了Kailar逻辑的规则的正确性。     

Kailar逻辑的缺陷及改进

近年来，电子商务协议的设计逐渐成为热点。Kailar提出了一种用于分析电子商务协议中可追究性的形式化分析方法，简称Kailar逻辑。指出这一逻辑的缺陷：在发生重放攻击时不能正确分析各方面的责任，在验证协议是否满足公平性原则时，具有一定的局限性。针对上述缺陷提出改进措施。     

改进的Kailar逻辑在协议分析中的应用

通过对Kailar逻辑进行改进,提出了一种新的用于分析电子商务协议的形式化方法。新方法中的推导规则既简单便捷同时又具有分析签名和分析密文的能力。该方法既能推导协议的可追究性又能分析协议的公平性,与其它的方法相比较,这一新方法既避免了Kailar逻辑的缺陷又能分析复杂的电子商务协议。     

电子商务协议的串空间分析

电子商务协议常常具有复杂结构,协议可能由多个子协议组合而成.因此,电子商务协议的安全分析较认证协议更为复杂.传统的信念逻辑不适宜分析电子商务协议.Kailar逻辑适宜分析电子商务协议的可追究性,但不适宜分析协议的公平性.本文介绍并扩展了串空间逻辑,分析了ISI支付协议的串,并证明其不满足公平性.还提出一种新的串节点路径法,用以分析了ASW协议,该协议系由多个子协议组成的分支结构协议,通过串空间分析证明了该协议的公平性.通过对两个协议的分析,分别提供了对电子商务在线交易协议和离线交易协议的形式化分析方法.     

一个新的电子支付协议及其形式化分析

在安全电子支付协议中,付款方和收款方的可追究性及公平性非常重要.通常可以采用电子支付中的双方可追究协议来达到这个目的.在克服ISI支付协议缺陷的基础上,提出了一种新的公平可追究电子支付协议.经过使用改进的Kailar逻辑分析验证,新的协议满足可追究性和公平性原则.     

一种分析电子商务协议的新方法

通过将Kailar逻辑和LPC形式方法相结合，提出一种新的用于分析电子商务协议的形式化方法，新方法中的推导规则既简单便捷同时又具有分析签名和分析密文的能力，该方法既能描述协议中参加者的行为又能够分析参加者拥有的知识和推导协议的可追究性和公平性，使用该方法不仅可以分析使用在线第三方的协议又可以分析使用脱线第三方的电子商务协议。与其它的方法相比较，这一新方法既避免了Kailar逻辑的缺陷又弥补了LPC方法的不足。     

Kailar逻辑的改进及应用

综合Kailar逻辑和SVO逻辑两种协议分析方法的优点,借助SVO逻辑的思想对Kailar逻辑进行了改进,使其更好地应用于不可否认协议的可追究性分析和设计。同时,将改进后的Kailar逻辑应用在类NG协议的分析中,分析结果证明了该协议可追究方面的安全性质。     

有穷机和逻辑结合的电子商务协议分析方法

提出一种扩展的有穷自动机模型,并结合卿-周逻辑给出一种新的电子商务协议形式化分析方法,用于分析电子商务协议的可追究性、公平性和时限性.该方法结合了模型检测和逻辑分析两种形式化分析方法的优点,可以准确形象地描述协议的具体运行过程,并且在发生重放攻击时能够正确分析各方的责任.利用该方法对Kim等人提出的改进版ZG协议进行了实例分析,给出了描述该协议运行过程的状态转换图,结合状态转换图对该协议分析得出其满足可追究性、公平性、时限性,并且不存在被重放攻击的可能.最后用时间自动机UPPAAL验证了新方法中有穷自动机模型的准确性和时限性分析的有效性.     

Kailar逻辑缺陷的进一步讨论

责任性是电子商务安全性的基本要求之一,它要求交易各方对自己的行为负责。Kailar逻辑是专门针对电子商务责任性进行分析的逻辑。然而Kailar逻辑也存在不足。该文讨论了Kailar逻辑的一种缺陷——发生重放攻击时,Kailar逻辑不能正确分析各方的责任性,并分析了出现这种缺陷的原因,提出了改进方案。     

一种新的基于HECC的多方公平交换协议

为了提高多方公平交换协议的安全性和运行效率,提出一种新的基于HECC的多方公平交换协议。利用基于超椭圆曲线双线性对的身份签名方案,提高了协议的运行效率;通过HECC的门限秘密共享技术确保了交易过程中的安全性。最后用改进的Kailar逻辑对新的多方公平交换协议进行形式化分析,结果表明新的多方公平交换协议不仅满足公平性、抗合谋性等,而且具有可追究性。     

一种分析电子商务协议的新工具

提出了一种新的形式化分析方法,可用于分析电子商务协议.与Kailar逻辑相比,它有3个优点:(1)能够有效地分析协议的公平性,在进行公平性分析时充分考虑了通信信道的可靠性;(2)初始化拥有集合只依赖于环境,不需要人为地引入初始化假设;(3)增加了密文理解规则,能够有效地分析包含有签过名的加密公式的消息.     

一种新型的安全协议分析逻辑

提出了一种新的形式化分析逻辑 ,可用于分析协议的安全性 .它有 3个优点 :(1)能分析协议的可追究性 ,(2 )能分析协议的公平性 ,(3)能有效的分析协议能否抵御重放攻击 ,(4 )增加了密文理解规则 ,能够有效地分析包含有签过名的加密公式的消息     

Accountability in electronic commerce protocols

In most commercial and legal transactions, the ability to hold individuals or organizations accountable for transactions is important. Hence, electronic protocols that implement commercial transactions must be designed to provide adequate accountability assurances for transacting parties. A framework is proposed for the analysis of communication protocols that require accountability, such as those for electronic commerce. This framework can be used to analyze protocol designs to detect accountability (or lack thereof). Arguments are presented to show that a heretofore unexplored property “provability” is pertinent to examining the potential use of communication protocols in the context of litigation, and in the context of audit. A set of postulates which are applicable to the analysis of proofs in general and the proofs of accountability in particular, are proposed. The proposed approach is more natural for the analysis of accountability than the existing belief logics (e.g., M. Burrows et al., 1990) that have been used in the past for the analysis of key distribution protocols. Some recently proposed protocols for electronic commerce and public key delegation are analyzed to illustrate the use of the new analysis framework in detecting (and suggesting remedies for eliminating) their lack of accountability, and in detecting and eliminating redundancies     

Exclusions and related trust relationships in multi-party fair exchange protocols

Some electronic commerce transactions are inherently performed between more than two parties. In this context, it is thus important to determine whether the underlying fair exchange protocols allowing the secure implementation of such transactions enable participants to exclude other entities from a protocol execution. This is an important point that has not been sufficiently addressed when analysing such kind of protocols, and that may be crucial for the successful accomplishment of multi-party electronic transactions. In this paper we define the properties related to exchange protocols and exclusions, study exclusion scenarios on two well-known multi-party fair exchange protocols and point out the implications that exclusions may have on the trust relationships between participants, and, more generally, on electronic commerce. Two new protocols more robust than existing multi-party fair exchange protocols are therefore proposed.     

Inter-agent Dialogues in Electronic Marketplaces

This paper presents an overall framework for carrying out different types of dialogues between intelligent and autonomous agents acting in an electronic marketplace. Such dialogues take place during various commercial transactions concerning requests and offers of products and services. The proposed dialogue framework has been adopted in the communication and collaboration protocols of an already implemented system, which enables buyers and sellers delegate a variety of tasks to their personal agents. Much attention has been paid to the personalization of collaborative agents, which may permanently live and interact in the market representing their owners' interests. Our overall approach builds on a modular decomposition of the agents involved, and a formal and operational modeling of the associated dialogues. Features of our framework are demonstrated through an illustrative example of dialogues deployed during interagent transactions on the establishment of a combined reservation for dinner and a movie. The main contribution of this work is that the proposed framework is capable to represent disparate dialogues taking place among agents having adopted diverse strategies for carrying out e-commerce transactions.