The Use of Formal Methods for Trusted Digital Signature Devices

Bruno Langenstein and Roland Vogt, German Research Center for Artificial Intelligence Ltd., Germany; Markus Ullmann, German Information Security Agency, Germany

This paper presents a formal security policy model for Smart-Cards with digital signature application. This kind of model is necessary for each evaluation according to Information Technology Security Evaluation Criteria assurance level E4 (Common Criteria level EAL5) and above. Furthermore, we argue that such a model is essential for reasoning about the security of Information Technology components like a spe-cific IT product or IT system. Without an unambiguous defi-nition of what security means, it is impossible to say whether a product really is secure.

This page is copyrighted by AAAI. All rights reserved. Your use of this site constitutes acceptance of all of AAAI's terms and conditions and privacy policy.