| EPSRC Reference: |
GR/S98139/01 |
| Title: |
Automated Analysis of Security Critical Systems |
| Principal Investigator: |
Bundy, Professor A |
| Other Investigators: |
|
| Researcher Co-Investigators: |
|
| Project Partners: |
|
| Department: |
Sch of Informatics |
| Organisation: |
University of Edinburgh |
| Scheme: |
Standard Research (Pre-FEC) |
| Starts: |
01 October 2004 |
Ends: |
30 September 2007 |
Value (£): |
183,664
|
| EPSRC Research Topic Classifications: |
| Artificial Intelligence |
Fundamentals of Computing |
|
| EPSRC Industrial Sector Classifications: |
|
| Related Grants: |
|
| Panel History: |
|
|
Summary on Grant Application Form |
|
This project will develop a prototype tool for automated security analysis of protocols used in electronic payment systems. We will be focusing on the analysis of protocols at the Application Program Interface (API) level. A number of attacks have been found on these APIs causing information to be revealed that would make lucrative fraud possible. These attacks have been discovered by a mixture of manual and ad-hoc formal techniques. We aim to produce a tool to assist designers and hardware manufacturers in finding these flaws automatically, and to allow them to find ways to protect against them. The CORAL system, which was designed to analyse cryptographic security protocols specified inductively in first-order logic, will serve as a starting point for the work. It will be extended to enable reasoning about the complexity of breaking particular cryptographic functions in the context of information revealed by the API. We will also examine ways to check that a previously detected flaw has been fixed in a new design. The novel combination of these ideas will result in a working prototype for a crime prevention tool of genuine value.
|
|
Key Findings |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Potential use in non-academic contexts |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Impacts |
|
| Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
| Summary |
|
| Date Materialised |
|
|
|
|
Sectors submitted by the Researcher |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
| Project URL: |
|
| Further Information: |
|
| Organisation Website: |
http://www.ed.ac.uk |