Online-Banking

Online banking is an application that allows its users to make bank transfers from anywhere over the internet. It uses the indexed transaction authentication number (iTAN) protocol and considers the user view as well as the internal transfer process between bank services.

This application is obviously security-critical. To secure the exchanged messages, it uses the standard protocol TLS.


Because most business security requirements do not match standard security properties, our approach is to prove application-specific security properties.
For this online banking system, some of these properties are:
- No money can be lost (more precisely: the sum of all account balances is constant).
- A transfer made by an account owner is debited from his account and credited to the target account chosen by the account owner who made the transfer.
- Only the account owner can make a transfer from his account.
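
The three properties above can be written as executable checks on a small model. The following Python code is an added example, not part of the case study's own specification; the `Bank` class, its method names, the two-step request/confirm flow, the no-overdraft rule, the rule that a challenged TAN is consumed even on a wrong answer, and all account and TAN values are assumptions constructed for illustration.

```python
import hmac
import secrets

class Bank:
    """Toy bank: balances, one iTAN list per account, log of executed transfers."""

    def __init__(self, balances, itan_lists):
        self.balances = dict(balances)
        # Unused TANs per account, keyed by their index on the owner's list.
        self.itans = {acct: dict(enumerate(tans)) for acct, tans in itan_lists.items()}
        self.pending = {}   # account -> (target, amount, challenged index)
        self.log = []       # executed transfers as (source, target, amount)

    def request_transfer(self, source, target, amount):
        """Step 1: store the order and challenge with a random unused index."""
        if source == target or source not in self.balances or target not in self.balances:
            raise ValueError("invalid accounts")
        if not 0 < amount <= self.balances[source]:   # assumption: no overdraft
            raise ValueError("invalid amount")
        index = secrets.choice(sorted(self.itans[source]))
        self.pending[source] = (target, amount, index)
        return index

    def confirm_transfer(self, source, tan):
        """Step 2: the TAN at the challenged index authorises exactly the stored order."""
        target, amount, index = self.pending.pop(source)
        expected = self.itans[source].pop(index)   # assumption: consumed even if wrong
        if not hmac.compare_digest(expected, tan):
            return False
        self.balances[source] -= amount
        self.balances[target] += amount
        self.log.append((source, target, amount))
        return True

def run_scenario():
    """Run one valid and one wrongly answered transfer on constructed data."""
    alice_tans = ["481516", "234200", "108815"]   # constructed sample TANs
    bank = Bank({"alice": 100, "bob": 50}, {"alice": alice_tans, "bob": ["000111"]})
    total_before = sum(bank.balances.values())
    index = bank.request_transfer("alice", "bob", 30)
    accepted = bank.confirm_transfer("alice", alice_tans[index])   # owner reads the list
    bank.request_transfer("alice", "bob", 70)
    rejected = not bank.confirm_transfer("alice", "999999")        # TAN not on the list
    return {"total_before": total_before, "total_after": sum(bank.balances.values()),
            "balances": bank.balances, "log": bank.log,
            "accepted": accepted, "rejected": rejected}

if __name__ == "__main__":
    print(run_scenario())
```

The total of all balances stays the same across both attempts, the log contains only the order the owner confirmed, and the wrongly answered challenge moves no money.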

