Title :
Formal Analysis of PANA Authentication and Authorisation Protocol
Author_Institution :
Sirindhorn Int. Inst. of Technol., Thammasat Univ., Pathumthani
Abstract :
The extensible authentication protocol (EAP), which is typically used over wireless LANs and point-to-point links, allows a server to request authentication information from a client. The protocol for carrying authentication for network access (PANA) is designed to transport EAP messages over IP networks. This paper presents a formal coloured Petri net model and analysis of PANA, focusing on the initial authentication and authorisation phase. State space analysis of selected configurations reveals a deadlock may occur at the client when the server aborts a PANA authentication session. The analysis also derives a formal definition of the service between PANA and EAP, which is important for verifying that PANA correctly interfaces with EAP, and can later be used for automated testing.
Keywords :
IP networks; Petri nets; authorisation; formal verification; message authentication; protocols; telecommunication security; IP network; PANA authentication; authentication for network access; authorisation protocol; coloured Petri net model; extensible authentication protocol; formal analysis; state space analysis; Access protocols; Authentication; Authorization; IP networks; Network servers; State-space methods; System recovery; Transport protocols; Wireless LAN; Wireless application protocol; Petri nets; authentication; communication protocols; formal methods; verification;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2008. PDCAT 2008. Ninth International Conference on
Conference_Location :
Otago
Print_ISBN :
978-0-7695-3443-5
DOI :
10.1109/PDCAT.2008.12
