TRIPLEX is a tool-supported framework for the analysis of data minimisation in privacy-enhancing protocols.
TRIPLEX provides high-level but precise formal analysis of data minimisation to non-cryptography experts.
Based on a solid formal grounding, the framework gives an objective and precise overview of what personal information is learnt by (coalitions of) actors in a user-specified scenario.
TRIPLEX allows users to visually construct scenarios of different actors communicating using any kind of privacy-enhancing protocol.
TRIPLEX automatically simulates these scenarios, and provides different analysis tools.
The tools, geared towards non-cryptography-experts, allow users to analyse the knowledge that actors learn by executing communication protocols, as well as to verify protocol-independent privacy properties.
TRIPLEX has been developed in the context of the STW Sentinel Mobiman project and EIT ICT Lab activity Secure and Privacy-aware Mobile Identity Management.
TRIPLEX: the archive contains the executable files along with a protocol example.
- Meilof Veeningen, Benne de Weger, Nicola Zannone: Data minimisation in communication protocols: a formal analysis framework and application to identity management. Int. J. Inf. Sec. 13(6): 529-569 (2014)
- Meilof Veeningen, Mayla Brusò, Jerry den Hartog, Nicola Zannone: TRIPLEX: verifying data minimisation in communication systems. ACM Conference on Computer and Communications Security 2013: 1415-1418
- Meilof Veeningen, Benne de Weger, Nicola Zannone: Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy. STM 2012: 145-160
- Meilof Veeningen, Benne de Weger, Nicola Zannone: Formal Privacy Analysis of Communication Protocols for Identity Management. ICISS 2011: 235-249