A Comparison-Based Methodology for the Security Assurance of Novel Systems

A Comparison-Based Methodology for the Security Assurance of Novel Systems

연구 분야: Verification

학회: European Symposium on Research in Computer Security

In this paper, we advocate the position that the security certification of one system should make the certification of other similar systems easier, if one can present the evidence that the second system is at least as secure as the first system. We present a development of this idea, stating the components of such comparative evidence. We stretch the idea of propagating the certification to less similar systems, if one can present a sequence of systems from the certified one to the novel one, where each system is evidenced to be at least as secure as the previous one. We apply our methodology to authentication systems, where we show that a system based on threshold cryptography is at least as secure as widely used smartcard-based systems.