Formal specification and verification of the SET/A protocol with an approach

Author

Lam, Vitus S W ; Padget, Julian

Author_Institution

Dept. of Comput. Sci., Bath Univ., UK

fYear

2004

fDate

6-9 July 2004

Firstpage

229

Lastpage

235

Abstract

In this paper, we specify the SET/A protocol which is an agent-based payment protocol for credit card transactions in UML statechart diagrams. Then we translate them into the NuSMV language and analyze the payment protocol using the NuSMV model checker. Although the payment protocol satisfies desired properties including data integrity and deadlock freedom in the absence of an agent failure, a failure analysis reveals that not all desired properties are satisfied when the agent crashes. The agent may fail while it is travelling to a merchant´s server or when it is running in the merchant´s server. To ensure that a transaction is resilient to the agent failure, an extended SET/A protocol is proposed. Whenever a timeout occurs, the cardholder sends an inquiry request to the merchant directly for finding out the transaction result. Our work contributes the e-commerce field by using an integrated approach for modelling and analyzing the SET/A protocol.

Keywords

credit transactions; electronic commerce; formal specification; formal verification; mobile agents; protocols; security of data; software fault tolerance; NuSMV language; NuSMV model checker; SET/A protocol; UML statechart diagrams; agent failure; credit card transactions; data integrity; deadlock freedom; e-commerce field; failure analysis; formal specification; formal verification; payment protocol; Computer crashes; Computer science; Credit cards; Failure analysis; Formal specifications; Mobile agents; Protocols; Software agents; System recovery; Unified modeling language;

fLanguage

English

Publisher

ieee

Conference_Titel

e-Commerce Technology, 2004. CEC 2004. Proceedings. IEEE International Conference on

Print_ISBN

0-7695-2098-7

Type

conf

DOI

10.1109/ICECT.2004.1319738

Filename

1319738