Title :
Modelling, verification, and formal analysis of security properties in a P2P system
Author :
Sanjabi, Sam B. ; Pommereau, Franck
Author_Institution :
Lab. d´´Algorithmiques, Complexite, et Logique (LACL), Univ. de Paris-Est, Créteil, France
Abstract :
We present a security analysis of the SPREADS system, a distributed storage service based on a centralized peer-to-peer architecture. We formally modelled the salient behavior of the actual system using ABCD, a high level specification language with a coloured Petri net semantics, which allowed the execution states of the system to be verified. We verified the behavior of the system in the presence of an external Dolev-Yao attacker, unearthing some replay attacks in the original system. Furthermore, since the implementation is also a formal model, we have been able to show that any execution of the model satisfies certain desirable security properties once these flaws are repaired.
Keywords :
peer-to-peer computing; program verification; security of data; specification languages; ABCD; P2P system; SPREADS system; centralized peer-to-peer architecture; coloured Petri net semantics; external Dolev-Yao attacker; formal analysis; high level specification language; security analysis; Collaboration; Data security; Information retrieval; Information security; Memory; Network servers; Peer to peer computing; Reed-Solomon codes; Secure storage; Tin; Middleware Security; Privacy Protection for Collaborative Systems; Secure Collaborative Agents; Security for Speecific Collaboration Domains (P2P); Security in Collaborative Multi-Agent Systems;
Conference_Titel :
Collaborative Technologies and Systems (CTS), 2010 International Symposium on
Conference_Location :
Chicago, IL
Print_ISBN :
978-1-4244-6619-1
DOI :
10.1109/CTS.2010.5478474
