103 research outputs found

    A BSP algorithm for on-the-fly checking CTL* formulas on security protocols

    This paper presents a distributed (Bulk-Synchronous Parallel, or BSP) algorithm to compute on-the-fly whether a structured model of a security protocol satisfies a CTL* formula. Using the structured nature of the security protocols allows us to design a simple method to distribute the state space under consideration in a need-driven fashion. Based on this distribution of the states, the algorithm for logical checking of an LTL formula can be simplified and optimised allowing, with few tricky modifications, the design of an efficient algorithm for CTL* checking. Some prototype implementations have been developed, allowing us to run benchmarks to investigate the parallel behaviour of our algorithms

    A mobile agent clone detection system using general transferable E-cash and its specific implementation with Ferguson's E-coin.

    by Lam Tak-Cheung. Thesis (M.Phil.)--Chinese University of Hong Kong, 2002. Includes bibliographical references (leaves 61-66). Abstracts in English and Chinese.

    Chapter 1. --- Introduction
    Chapter 1.1 --- Evolution of the Mobile Agent Paradigm
    Chapter 1.2 --- Beneficial Aspects of Mobile Agents
    Chapter 1.3 --- Security Threats of Mobile Agents
    Chapter 1.4 --- Organization of the Thesis
    Chapter 2. --- Background of Cryptographic Theories
    Chapter 2.1 --- Introduction
    Chapter 2.2 --- Encryption and Decryption
    Chapter 2.3 --- Six Cryptographic Primitives
    Chapter 2.3.1 --- Symmetric Encryption
    Chapter 2.3.2 --- Asymmetric Encryption
    Chapter 2.3.3 --- Digital Signature
    Chapter 2.3.4 --- Message Digest
    Chapter 2.3.5 --- Digital Certificate
    Chapter 2.3.6 --- Zero-Knowledge Proof
    Chapter 2.4 --- RSA Public Key Cryptosystem
    Chapter 2.5 --- Blind Signature
    Chapter 2.6 --- Secret Sharing
    Chapter 2.7 --- Conclusion Remarks
    Chapter 3. --- Background of Mobile Agent Clones
    Chapter 3.1 --- Introduction
    Chapter 3.2 --- Types of Agent Clones
    Chapter 3.3 --- Mobile Agent Cloning Problems
    Chapter 3.4 --- Baek's Detection Scheme for Mobile Agent Clones
    Chapter 3.4.1 --- The Main Idea
    Chapter 3.4.2 --- Shortcomings of Baek's Scheme
    Chapter 3.5 --- Conclusion Remarks
    Chapter 4. --- Background of E-cash
    Chapter 4.1 --- Introduction
    Chapter 4.2 --- The General E-cash Model
    Chapter 4.3 --- Chaum-Pedersen's General Transferable E-cash
    Chapter 4.4 --- Ferguson's Single-term Off-line E-coins
    Chapter 4.4.1 --- Technical Background of the Secure Tools
    Chapter 4.4.2 --- Protocol Details
    Chapter 4.5 --- Conclusion Remarks
    Chapter 5. --- A Mobile Agent Clone Detection System using General Transferable E-cash
    Chapter 5.1 --- Introduction
    Chapter 5.2 --- Terminologies
    Chapter 5.3 --- Mobile Agent Clone Detection System with Transferable E-cash
    Chapter 5.4 --- Security and Privacy Analysis
    Chapter 5.5 --- Attack Scenarios
    Chapter 5.5.1 --- The Chosen Host Response Attack
    Chapter 5.5.2 --- The Truncation and Substitution Attack
    Chapter 5.6 --- An Alternative Scheme without Itinerary Privacy
    Chapter 5.7 --- Conclusion Remarks
    Chapter 6. --- Specific Implementation of the Mobile Agent Clone Detection System with Transferable Ferguson's E-coin
    Chapter 6.1 --- Introduction
    Chapter 6.2 --- The Clone Detection Environment
    Chapter 6.3 --- Protocols
    Chapter 6.3.2 --- Withdrawing E-tokens
    Chapter 6.3.2 --- The Agent Creation Protocol
    Chapter 6.3.3 --- The Agent Migration Protocol
    Chapter 6.3.4 --- Clone Detection and Culprit Identification
    Chapter 6.4 --- Security and Privacy Analysis
    Chapter 6.5 --- Complexity Analysis
    Chapter 6.5.1 --- Compact Passport
    Chapter 6.5.2 --- Passport growth in size
    Chapter 6.6 --- Conclusion Remarks
    Chapter 7. --- Conclusions
    Appendix --- Papers derived from this thesis
    Bibliograph

    A generic framework for process execution and secure multi-party transaction authorization

    Process execution engines are not only an integral part of workflow and business process management systems but are increasingly used to build process-driven applications. In other words, they are potentially used in all kinds of software across all application domains. However, contemporary process engines and workflow systems are unsuitable for use in such diverse application scenarios for several reasons. The main shortcomings can be observed in the areas of interoperability, versatility, and programmability. Therefore, this thesis makes a step away from domain specific, monolithic workflow engines towards generic and versatile process runtime frameworks, which enable integration of process technology into all kinds of software. To achieve this, the idea and corresponding architecture of a generic and embeddable process virtual machine (ePVM), which supports defining process flows along the theoretical foundation of communicating extended finite state machines, are presented. The architecture focuses on the core process functionality such as control flow and state management, monitoring, persistence, and communication, while using JavaScript as a process definition language. This approach leads to a very generic yet easily programmable process framework. A fully functional prototype implementation of the proposed framework is provided along with multiple example applications. Despite the fact that business processes are increasingly automated and controlled by information systems, humans are still involved, directly or indirectly, in many of them. Thus, for process flows involving sensitive transactions, a highly secure authorization scheme supporting asynchronous multi-party transaction authorization must be available within process management systems. Therefore, along with the ePVM framework, this thesis presents a novel approach for secure remote multi-party transaction authentication - the zone trusted information channel (ZTIC). 
The ZTIC approach uniquely combines multiple desirable properties such as the highest level of security, ease-of-use, mobility, remote administration, and smooth integration with existing infrastructures into one device and method. Extensively evaluating both, the ePVM framework and the ZTIC, this thesis shows that ePVM in combination with the ZTIC approach represents a unique and very powerful framework for building workflow systems and process-driven applications including support for secure multi-party transaction authorization

    Formally designing and implementing cyber security mechanisms in industrial control networks.

    This dissertation describes progress in the state-of-the-art for developing and deploying formally verified cyber security devices in industrial control networks. It begins by detailing the unique struggles that are faced in industrial control networks and why concepts and technologies developed for securing traditional networks might not be appropriate. It uses these unique struggles and examples of contemporary cyber-attacks targeting control systems to argue that progress in securing control systems is best met with formal verification of systems, their specifications, and their security properties. This dissertation then presents a development process and identifies two technologies, TLA+ and seL4, that can be leveraged to produce a high-assurance embedded security device. The method presented in this dissertation takes an informal design of an embedded device that might be found in a control system and 1) formalizes the design within TLA+, 2) creates and mechanically checks a model built from the formal design, and 3) translates the TLA+ design into a component-based architecture of a native seL4 application. The later chapters of this dissertation describe an application of the process to a security preprocessor embedded device that was designed to add security mechanisms to the network communication of an existing control system. The device and its security properties are formally specified in TLA+ in chapter 4, mechanically checked in chapter 5, and finally its native seL4 architecture is implemented in chapter 6. Finally, the conclusions derived from the research are laid out, as well as some possibilities for expanding the presented method in the future

    Proceedings of the First NASA Formal Methods Symposium

    Topics covered include: Model Checking - My 27-Year Quest to Overcome the State Explosion Problem; Applying Formal Methods to NASA Projects: Transition from Research to Practice; TLA+: Whence, Wherefore, and Whither; Formal Methods Applications in Air Transportation; Theorem Proving in Intel Hardware Design; Building a Formal Model of a Human-Interactive System: Insights into the Integration of Formal Methods and Human Factors Engineering; Model Checking for Autonomic Systems Specified with ASSL; A Game-Theoretic Approach to Branching Time Abstract-Check-Refine Process; Software Model Checking Without Source Code; Generalized Abstract Symbolic Summaries; A Comparative Study of Randomized Constraint Solvers for Random-Symbolic Testing; Component-Oriented Behavior Extraction for Autonomic System Design; Automated Verification of Design Patterns with LePUS3; A Module Language for Typing by Contracts; From Goal-Oriented Requirements to Event-B Specifications; Introduction of Virtualization Technology to Multi-Process Model Checking; Comparing Techniques for Certified Static Analysis; Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder; jFuzz: A Concolic Whitebox Fuzzer for Java; Machine-Checkable Timed CSP; Stochastic Formal Correctness of Numerical Algorithms; Deductive Verification of Cryptographic Software; Coloured Petri Net Refinement Specification and Correctness Proof with Coq; Modeling Guidelines for Code Generation in the Railway Signaling Context; Tactical Synthesis Of Efficient Global Search Algorithms; Towards Co-Engineering Communicating Autonomous Cyber-Physical Systems; and Formal Methods for Automated Diagnosis of Autosub 6000

    Guess my vote : a study of opacity and information flow in voting systems

    With an overall theme of information flow, this thesis has two main strands. In the first part of the thesis, I review existing information flow properties, highlighting a recent definition known as opacity [25]. Intuitively, a predicate φ is opaque if for every run in which φ is true, there exists an indistinguishable run in which it is false, where a run can be regarded as a sequence of events. Hence, the observer is never able to establish the truth of φ. The predicate φ can be defined according to requirements of the system, giving opacity a great deal of flexibility and versatility. Opacity is then studied in relation to several well-known definitions for information flow. As will be shown, several of these properties can be cast as variations of opacity, while others have a relationship by implication with the opacity property [139]. This demonstrates the flexibility of opacity, at the same time establishing its distinct character. In the second part of the thesis, I investigate information flow in voting systems. Prêt à Voter [36] is the main exemplar, and is compared to other schemes in the case study. I first analyse information flow in Prêt à Voter and the FOO scheme [59], concentrating on the core protocols. The aim is to investigate the security requirements of each scheme, and the extent to which they can be captured using opacity. I then discuss a systems-based analysis of Prêt à Voter [163], which adapts and extends an earlier analysis of the Chaum [35] and Neff [131], [132], [133] schemes in [92]. Although this analysis has identified several potential vulnerabilities, it cannot be regarded as systematic, and a more rigorous approach may be necessary. It is possible that a combination of the information flow and systems-based analyses might be the answer. The analysis of coercion-resistance, which is performed on Prêt à Voter and the FOO scheme, may exemplify this more systematic approach. 
Receipt-freeness usually means that the voter is unable to construct a proof of her vote. Coercion-resistance is a stronger property in that it accounts for the possibility of interaction between the coercer and the voter during protocol execution. It appears that the opacity property is ideally suited to expressing the requirements for coercion-resistance in each scheme. A formal definition of receipt-freeness cast as a variation of opacity is proposed [138], together with suggestions on how it might be reinforced to capture coercion-resistance. In total, the thesis demonstrates the remarkable flexibility of opacity, both in expressing differing security requirements and as a tool for security analysis. This work lays the groundwork for future enhancement of the opacity framework. EThOS - Electronic Theses Online Service. DSTL : EPSRC. GB. United Kingdo

    A methodology for the quantitative evaluation of attacks and mitigations in IoT systems

    PhD Thesis. As we move towards a more distributed and unsupervised internet, namely through the Internet of Things (IoT), the avenues of attack multiply. To compound these issues, whilst attacks are developing, the current security of devices is much lower than for traditional systems. In this thesis I propose a new methodology for white box behaviour intrusion detection in constrained systems. I leverage the characteristics of these types of systems, namely their heterogeneity, distributed nature, and constrained capabilities, to devise a pipeline that, given a specification of an IoT scenario, can generate an actionable intrusion detection system to protect it. I identify key IoT scenarios for which more traditional black box approaches would not suffice, and devise means to bypass these limitations. The contributions include: 1) A survey of intrusion detection for IoT; 2) A modelling technique to observe interactions in IoT deployments; 3) A modelling approach that focuses on the observation of specific attacks on possible configurations of IoT devices. Combining these components, a specification of the system as per contribution 1 and an attack specification as per contribution 2, we can deploy a bespoke behaviour-based IDS for the specified system. This one-of-a-kind approach allows for the quick and efficient generation of attack detection from the onset, positioning this approach as particularly suitable to dynamic and constrained IoT environments