© 2018

Modelling and Verification of Secure Exams


  • Securing exam systems is necessary to ensure fairness and meritocracy in modern societies

  • Author introduces a novel approach to securing exam systems

  • Useful for researchers and graduate students in the areas of information security, in particular protocols


Part of the Information Security and Cryptography book series (ISC)

Table of contents

  1. Front Matter
    Pages i-xi
  2. Rosario Giustolisi
    Pages 1-5
  3. Rosario Giustolisi
    Pages 7-22
  4. Rosario Giustolisi
    Pages 23-41
  5. Rosario Giustolisi
    Pages 43-63
  6. Rosario Giustolisi
    Pages 65-94
  7. Rosario Giustolisi
    Pages 95-123
  8. Back Matter
    Pages 125-138

About this book


In this book the author introduces a novel approach to securing exam systems. He provides an in-depth understanding, useful for studying the security of exams and similar systems, such as public tenders, personnel selections, project reviews, and conference management systems.

After a short chapter that explains the context and objectives of the book, in Chap. 2 the author introduces terminology for exams and the foundations required to formulate their security requirements. He describes the tasks that occur during an exam, taking account of the levels of detail and abstraction of an exam specification and the threats that arise out of the different exam roles. He also presents a taxonomy that classifies exams by types and categories. Chapter 3 contains formal definitions of the authentication, privacy, and verifiability requirements for exams, a framework based on the applied pi-calculus for the specification of authentication and privacy, and a more abstract approach based on set-theory that enables the specification of verifiability. Chapter 4 describes the Huszti-Pethő protocol in detail and proposes a security enhancement. In Chap. 5 the author details Remark!, a protocol for Internet-based exams, discussing its cryptographic building blocks and some security considerations. Chapter 6 focuses on WATA, a family of computer-assisted exams that employ computer assistance while keeping face-to-face testing. The chapter also introduces formal definitions of accountability requirements and details the analysis of a WATA protocol against such definitions. In Chaps. 4, 5, and 6 the author uses the cryptographic protocol verifier ProVerif for the formal analyses. Finally, the author outlines future work in Chap. 7.

The book is valuable for researchers and graduate students in the areas of information security, in particular for people engaged with exams or protocols.


Formal Methods Authentication Privacy Verifiability Exam Protocols Certificate Validation Remark! Exam Huszti-Pethő Protocol WATA Protocol ProVerif

Authors and affiliations

  1. 1.Department of Computer ScienceIT University of CopenhagenCopenhagenDenmark

About the authors

Rosario Giustolisi is an assistant professor at the IT University of Copenhagen. He received his PhD from the University of Luxembourg where he worked on a formal framework for the security analysis of exam protocols and on the design of protocols for computer-assisted and Internet-based exams. As a postdoc at SICS RISE and a member of the Security Lab in Lund, he investigated group-based authentication mechanisms for future 5G networks. His research interests include the modeling and formal analysis of secure network protocols and the sociotechnical security aspects of real-world systems.

Bibliographic information

Industry Sectors
IT & Software
Finance, Business & Banking