Automatic Implementation System of Security Protocols Based on Formal Description Techniques * L. Mengual 1 , N. Barcia 1 , E. Jiménez 2 , E. Menasalvas 1 , J. Setién 1 , J. Yágüez 1 DLSIIS, Facultad de Informática, U.P.M., Madrid, Spain 1 {lmengual, nicolas, emenasalvas, jsetien, jyaguez}@fi.upm.es 2 {ernes}@eui.upm.es * This work is supported by Science and Technology Ministry of Spain under the proyect “A Multi-Agent System Architecture for the automatic and dynamic Implementation of security protocols (TIC2001-3376)” Abstract In this paper we present an automatic implementation system of security protocols based in Formal Description Techniques. A sufficiently complete and concise formal specification that has allowed us to define the state machine that corresponds to a security protocol has been designed to achieve our goals. This formal specification makes it possible to incorporate in a flexible way the security mechanisms and functions (random numbers generation, timestamps, symmetric-key encryption, public_key cryptography, etc). Our solution implies the incorporation of an additional security layer L.E.I. (Logical Element of Implementation) in the TCP/IP architecture. This additional layer be able both to interpret and to implement any security protocol from its formal specification. Our system provides an Applications Programming Interfaz (API) for the development of distributed applications in Internet like the e-commerce, bank transfers, network management or distribution information services that makes transparent to them the problem of security in the comunications. 1. Introduction The Formal Description Techniques are the base of the automated support in different development activities. The formal specification is an essential tool in the engineering of communications protocols. Using Formal Description Techniques significant improvements can be obtained in the quality, availability in the market and cost of the lifecycle of the product. The formal models of security have evolved in parallel with the development of the computer systems (software, hardware, operating systems), as well as with the technology and extension of the data networks. Initially, the formal models have treated the problem of control access in individual systems. The criteria of security TCSEC (Trusted Computer System Evaluation Criteria) of the DoD (Departament of Defense) of the government of USA [1] or the European ITSEC (Information Technology Security Evaluation Criteria) [2] criteria are an example of the formalization in the field of secure computer systems. Other examples are the models developed in [3], [4], [5]. The important improvements of the Local Area Networks (LAN), and their interconnection with remote networks has given birth to new and more sophisticated threats associated with the distribution of the information (eavesdropping, tampering, impersonation, etc)[6]. This has led to the development of new security mechanisms and functions not only to solve the problems of access control to resources in individual systems but also to protect the information in trafic in open systems ([7], [8]). In this case, the Formal Description Techniques (FDT) have been used to specify security protocols and to evaluate the vulnerability of these protocols aganist different attacks. Examples of this type of formal analysis are given in [9], [10]. The formal specification makes it possible to verify, to validate and to implement communications protocols in an efficient way before the development of a software product. However, the use of Formal Description Techniques (ESTELLE, LOTOS, SDL etc) in the specification of security protocols implies a series of additional considerations that are not taken into account in the conventional specifications of communications protocols [11]. A great effort has been carried out with unquestionable success in the development of Techniques of Formal Description (TDF) for the verification, validation and implementation of communications protocols. However, a parallel effort has not been carried out in the development of formal techniques that make the analysis, verification and implementation of security protocols. In this work we present the results obtained from the development of the L.E.I. (Logical Element of Implementation) an additional layer in the TCP/IP architecture will be able both to