77,391 research outputs found
Formal security analysis of registration protocols for interactive systems: a methodology and a case of study
In this work we present and formally analyze CHAT-SRP (CHAos based
Tickets-Secure Registration Protocol), a protocol to provide interactive and
collaborative platforms with a cryptographically robust solution to classical
security issues. Namely, we focus on the secrecy and authenticity properties
while keeping a high usability. In this sense, users are forced to blindly
trust the system administrators and developers. Moreover, as far as we know,
the use of formal methodologies for the verification of security properties of
communication protocols isn't yet a common practice. We propose here a
methodology to fill this gap, i.e., to analyse both the security of the
proposed protocol and the pertinence of the underlying premises. In this
concern, we propose the definition and formal evaluation of a protocol for the
distribution of digital identities. Once distributed, these identities can be
used to verify integrity and source of information. We base our security
analysis on tools for automatic verification of security protocols widely
accepted by the scientific community, and on the principles they are based
upon. In addition, it is assumed perfect cryptographic primitives in order to
focus the analysis on the exchange of protocol messages. The main property of
our protocol is the incorporation of tickets, created using digests of chaos
based nonces (numbers used only once) and users' personal data. Combined with a
multichannel authentication scheme with some previous knowledge, these tickets
provide security during the whole protocol by univocally linking each
registering user with a single request. [..]Comment: 32 pages, 7 figures, 8 listings, 1 tabl
SDL based validation of a node monitoring protocol
Mobile ad hoc network is a wireless, self-configured, infrastructureless
network of mobile nodes. The nodes are highly mobile, which makes the
application running on them face network related problems like node failure,
link failure, network level disconnection, scarcity of resources, buffer
degradation, and intermittent disconnection etc. Node failure and Network fault
are need to be monitored continuously by supervising the network status. Node
monitoring protocol is crucial, so it is required to test the protocol
exhaustively to verify and validate the functionality and accuracy of the
designed protocol. This paper presents a validation model for Node Monitoring
Protocol using Specification and Description Llanguage (SDL) using both Static
Agent (SA) and Mobile Agent (MA). We have verified properties of the Node
Monitoring Protocol (NMP) based on the global states with no exits, deadlock
states or proper termination states using reachability graph. Message Sequence
Chart (MSC) gives an intuitive understanding of the described system behavior
with varying node density and complex behavior etc.Comment: 16 pages, 24 figures, International Conference of Networks,
Communications, Wireless and Mobile 201
Automated analysis of feature models: Quo vadis?
Feature models have been used since the 90's to describe software product lines as a way of reusing common parts in a family of software systems. In 2010, a systematic literature review was published summarizing the advances and settling the basis of the area of Automated Analysis of Feature Models (AAFM). From then on, different studies have applied the AAFM in different domains. In this paper, we provide an overview of the evolution of this field since 2010 by performing a systematic mapping study considering 423 primary sources. We found six different variability facets where the AAFM is being applied that define the tendencies: product configuration and derivation; testing and evolution; reverse engineering; multi-model variability-analysis; variability modelling and variability-intensive systems. We also confirmed that there is a lack of industrial evidence in most of the cases. Finally, we present where and when the papers have been published and who are the authors and institutions that are contributing to the field. We observed that the maturity is proven by the increment in the number of journals published along the years as well as the diversity of conferences and workshops where papers are published. We also suggest some synergies with other areas such as cloud or mobile computing among others that can motivate further research in the future.Ministerio de Economía y Competitividad TIN2015-70560-RJunta de Andalucía TIC-186
Recommended from our members
Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent
years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
Modelling Probabilistic Wireless Networks
We propose a process calculus to model high level wireless systems, where the
topology of a network is described by a digraph. The calculus enjoys features
which are proper of wireless networks, namely broadcast communication and
probabilistic behaviour. We first focus on the problem of composing wireless
networks, then we present a compositional theory based on a probabilistic
generalisation of the well known may-testing and must-testing pre- orders.
Also, we define an extensional semantics for our calculus, which will be used
to define both simulation and deadlock simulation preorders for wireless
networks. We prove that our simulation preorder is sound with respect to the
may-testing preorder; similarly, the deadlock simulation pre- order is sound
with respect to the must-testing preorder, for a large class of networks. We
also provide a counterexample showing that completeness of the simulation
preorder, with respect to the may testing one, does not hold. We conclude the
paper with an application of our theory to probabilistic routing protocols
- …