Modeling human errors in security protocols
- Submitting institution
-
Heriot-Watt University
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 27416360
- Type
- E - Conference contribution
- DOI
-
10.1109/CSF.2016.30
- Title of conference / published proceedings
- 2016 IEEE 29th Computer Security Foundations Symposium (CSF)
- First page
- 325
- Volume
- -
- Issue
- -
- ISSN
- 1940-1434
- Open access status
- Technical exception
- Month of publication
- August
- Year of publication
- 2016
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
2
- Research group(s)
-
-
- Citation count
- 9
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- Significance: This paper has an increasing influence on the formal methods for information security community with respect to the modeling of and reasoning about humans in socio-technical systems. Examples are voting protocols, security ceremonies such as the Oyster card ceremony in public transportation, and classical security protocols with human agents such as multi-factor authentication protocols.
Originality: First formal approach to allow for arbitrary behaviour of human agents, first formal verification of a system’s security properties that differentiates between different levels of a user's expertise.
Contribution: Formal modeling techniques, formalization of human behaviour.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -
