Security in Petri nets sharing and storage: subnets, privacy, integrity, authentication and non repudiation stars

Résumé

In this thesis I approach the study of Petri nets from the point of view of the security. There several goals in this thesis. First of all, I will define a subnetting process by building a framework of definitions and notations to create subnets from the original Petri net. Then, the creation of a PNML extension that allows the representation of subnets. In this work only the structure of the network is processed. The study of markings and properties of nets with hidden pieces will we analyzed in further works. One application of this subnetting and PNML representation is the possibility of hiding part of a Petri net, facing a possible distribution, maintaining the privacy of the critical, secret, or complex parts of the system. However this hidden information is not eliminated from the net, but encrypted inside. Other application explained is the possibility of digital signature of subnets, providing security services to the net and/or subnets. My original contribution to knowledge are: 1. Comprehensive study of subnets, abstracting their internal structure from the exterior by using front-ends. A method to build these subnets from the complete Petri net is explained and analyzed matrixed. 2. PNML has no way to represent subnets, so I approach a possible PNML extension to do it. 3. Subnetting and PNML extension to represents subnets allow to apply several security technics that offers encryption, data integrity, authentication and non repudiation