Modeling and analysis of agent-based specifications of security protocols using CSANs and PDETool

Author

Akbarzadeh, Mojtaba ; Azgomi, Mohammad Abdollahi

Author_Institution

Sch. of Comput. Eng., Iran Univ. of Sci. & Technol., Tehran, Iran

fYear

2009

fDate

15-17 Dec. 2009

Firstpage

11

Lastpage

15

Abstract

Coloured stochastic activity networks (CSANs) are a useful formalism for modeling and analysis of computer systems and networks. PDETool is a new powerful modeling tool that supports CSANs. This paper is an attempt to propose a new approach for modeling and automatic verification of security protocols using CSANs and PDETool. In the proposed approach, the existing agents in the protocol are expressed formally as roles using the security protocols language (SPL) and then are modeled by CSANs. The approach has three steps. Firstly, the security protocol will be modeled regardless of the existence of any intruder. Secondly, different potential intruders will be modeled. Finally, by state space analysis of the model, the possibility of any security flaw in the protocol will be checked. As a case study, the Needham-Schroder and TMN protocols have been modeled and verified.

Keywords

access protocols; computer network security; formal specification; formal verification; state-space methods; CSAN; Needham-Schroder protocols; PDETool; TMN protocols; agent-based specifications; automatic verification; coloured stochastic activity networks; security protocols; security protocols language; state space analysis; Computer networks; Computer security; Petri nets; Power engineering and energy; Power engineering computing; Power system modeling; Power system security; Protocols; State-space methods; Stochastic systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Innovations in Information Technology, 2009. IIT '09. International Conference on

Conference_Location

Al Ain

Print_ISBN

978-1-4244-5698-7

Type

conf

DOI

10.1109/IIT.2009.5413371

Filename

5413371