Analysing Security Protocols Using Refinement in iUML-B

被引:5
|
作者
Snook, Colin [1 ]
Hoang, Thai Son [1 ]
Butler, Michael [1 ]
机构
[1] Univ Southampton, ECS, Southampton, England
来源
NASA FORMAL METHODS (NFM 2017) | 2017年 / 10227卷
关键词
Virtual LAN; Security; Event-B; iUML-B;
D O I
10.1007/978-3-319-57288-8_6
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
We propose a general approach based on abstraction and refinement for constructing and analysing security protocols using formal specification and verification. We use class diagrams to specify conceptual system entities and their relationships. We use state-machines to model the protocol execution involving the entities' interactions. Features of our approach include specifying security principles as invariants of some abstract model of the overall system. The specification is then refined to introduce implementable mechanisms for the protocol. A gluing invariant specifies why the protocol achieves the security principle. Security breaches arise as violations of the gluing invariant. We make use of both theorem proving and model checking techniques to analyse our formal model, in particular, to explore the source and consequence of the security attack. To demonstrate the use of our approach we explore the mechanism of a security attack in a network protocol.
引用
收藏
页码:84 / 98
页数:15
相关论文
共 27 条
  • [1] Property Ownership Formal Modelling Using Event-B and iUML-B
    Altamimi, Manar
    Al Hashimy, Nawfal
    Fathabadi, Asieh Salehi
    Wills, Gary
    RIGOROUS STATE-BASED METHODS, ABZ 2024, 2024, 14759 : 191 - 200
  • [2] Formalising the Hybrid ERTMS Level 3 specification in iUML-B and Event-B
    Dghaym, Dana
    Dalvandi, Mohammadsadegh
    Poppleton, Michael
    Snook, Colin
    INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2020, 22 (03) : 297 - 313
  • [3] Formalising the Hybrid ERTMS Level 3 specification in iUML-B and Event-B
    Dana Dghaym
    Mohammadsadegh Dalvandi
    Michael Poppleton
    Colin Snook
    International Journal on Software Tools for Technology Transfer, 2020, 22 : 297 - 313
  • [4] Validating the Requirements and Design of a Hemodialysis Machine Using iUML-B, BMotion Studio, and Co-Simulation
    Thai Son Hoang
    Snook, Colin
    Ladenberger, Lukas
    Butler, Michael
    ABSTRACT STATE MACHINES, ALLOY, B, TLA, VDM, AND Z (ABZ 2016), 2016, 9675 : 360 - 375
  • [5] Integration of iUML-B and UPPAAL Timed Automata for Development of Real-Time Systems with Concurrent Processes
    Shokri-Manninen, Fatima
    Tsiopoulos, Leonidas
    Vain, Juri
    Walden, Marina
    RIGOROUS STATE-BASED METHODS, ABZ 2020, 2020, 12071 : 186 - 202
  • [6] Soft constraint programming to analysing security protocols
    Bella, G
    Bistarelli, S
    THEORY AND PRACTICE OF LOGIC PROGRAMMING, 2004, 4 : 545 - 572
  • [7] Using Refinement in Formal Development of OS Security Model
    Devyanin, Petr N.
    Khoroshilov, Alexey V.
    Kuliamin, Victor V.
    Petrenko, Alexander K.
    Shchepetkov, Ilya V.
    PERSPECTIVES OF SYSTEM INFORMATICS, PSI 2015, 2016, 9609 : 107 - 115
  • [8] Constructing and Reasoning About Security Protocols Using Invariants
    Mooij, Arjan J.
    ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2008, 201 : 99 - 126
  • [9] Analysing Smart Home Security Using Packet Tracer Simulation Software
    Aziz, Nur Najihah Abdul
    Rechie, Rizzo Mungka Anak
    Bakry, Batrisyia B. Mohd
    Ab Rahman, Ruhani
    Yussoff, Yusnani Mohd
    11TH IEEE SYMPOSIUM ON COMPUTER APPLICATIONS & INDUSTRIAL ELECTRONICS (ISCAIE 2021), 2021, : 239 - 244
  • [10] Analysis of Concurrent Security Protocols Using Colored Petri Nets
    Long, Shigong
    2009 INTERNATIONAL CONFERENCE ON NETWORKING AND DIGITAL SOCIETY, VOL 1, PROCEEDINGS, 2009, : 227 - 230
123