An Extended UML Method for the Verification of Security Protocols

被引：5

作者：

Shen, Gang ^{[1
]}

Li, Xiaohong ^{[1
]}

Feng, Ruitao ^{[1
]}

Xu, Guangquan ^{[1
]}

Hu, Jing ^{[1
]}

Feng, Zhiyong ^{[1
]}

机构：

[1] Tianjin Univ, Sch Comp Sci & Technol, Tianjin Key Lab Cognit Comp & Applicat, Tianjin 300072, Peoples R China

来源：

2014 19TH INTERNATIONAL CONFERENCE ON ENGINEERING OF COMPLEX COMPUTER SYSTEMS (ICECCS 2014) | 2014年

关键词：

extended UML; confidentiality; correspondence; Spi calculus; ProVerif;

D O I：

10.1109/ICECCS.2014.12

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

This paper presents a formal modeling method of security protocols based on the extended UML framework. In order to simplify the process and reduce the difficulty of security protocol modelling, extending mechanisms for the class diagram and sequence diagram of UML are presented, which provide an engineering specification for the security protocol formalizing. Therefore, for verifying the confidentiality and correspondence of security protocols by ProVerif, a transformation from extended UML model to ProVerif Spi calculus model is realized with matching rules and knowledge reasoning, and then the verifying results are analyzed through a regular expression. Finally, the handshake, NS public key and buyer-seller watermarking protocols are verified, the attack traces of unsatisfied security properties are exported, that show the validity and applicability of the approach provided by this paper.

引用

页码：19 / 28

页数：10

共 16 条

[1] Prudent engineering practice for cryptographic protocols
Abadi, M
Needham, R
[J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1996, 22 (01) : 6 - 15
[2] Amnell Tobias, 2001, WORKSH SPEC IMPL VAL
[3] [Anonymous], NEW TECHN DISTR SYST
[4] Armando A, 2005, LECT NOTES COMPUT SC, V3576, P281
[5] An efficient cryptographic protocol verifier based on prolog rules
Blanchet, B
[J]. 14TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS, 2001, : 82 - 96
[6] Dan L, 2010, IEEE INT C ENG COMP, P349, DOI [10.1109/ICECCS.2010.47, 10.1109/ICECCS.2010.55]
[7] Ibrahim Ibrahim M., 2007, 2007 3rd International Symposium on Information Assurance and Security, P21
[8] Jurjens J., 2002, "UML" 2002 - Unified Modeling Language. Model Engineering, Concepts, and Tools. 5th International Conference. Proceedings (Lecture Notes in Computer Science Vol.2460), P412
[9] Kaliappan Prabhu Shankar, 2008, 2008 International Conference on Computer Science and Software Engineering (CSSE 2008), P227, DOI 10.1109/CSSE.2008.976
[10] Lodderstedt Torsten., 2002, UML 02 P 5 INT C UNI, P426, DOI DOI 10.1007/3-540-45800-X_33

← 1 2 →