2,076 research outputs found
A BSP algorithm for on-the-fly checking CTL* formulas on security protocols
International audienceThis paper presents a distributed (Bulk-Synchronous Parallel or bsp) algorithm to compute on-the-fly whether a structured model of a security protocol satisfies a ctl {Mathematical expression} formula. Using the structured nature of the security protocols allows us to design a simple method to distribute the state space under consideration in a need-driven fashion. Based on this distribution of the states, the algorithm for logical checking of a ltl formula can be simplified and optimised allowing, with few tricky modifications, the design of an efficient algorithm for ctl {Mathematical expression} checking. Some prototype implementations have been developed, allowing to run benchmarks to investigate the parallel behaviour of our algorithms
A Logic for Constraint-based Security Protocol Analysis
We propose PS-LTL, a pure-past security linear temporal logic that allows the specification of a variety of authentication, secrecy and data freshness properties. Furthermore, we present a sound and complete decision procedure to establish the validity of security properties for symbolic execution traces, and show the integration with constraint-based analysis techniques
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Recommended from our members
A Static Verification Framework for Secure Peer-to-Peer Applications
In this paper we present a static verification framework to support the design and verification of secure peer-to-peer applications. The framework supports the specification, modeling, and analysis of security aspects together with the general characteristics of the system, during early stages of the development life-cycle. The approach avoids security issues to be taken into consideration as a separate layer that is added to the system as an afterthought by the use of security protocols. The main functionality supported by the framework are concerned with the modeling of the system together with its security aspects by using an extension of UML, modeling of abuse cases to represent scenarios of attackers and assist with the identification of properties to be verified, specification of properties to be verified in a graphical template language, verification of the models against the properties, and visualization of the results of the verification process
Recommended from our members
A UML-based static verification framework for security
Secure software engineering is a new research area that has been proposed to address security issues during the development of software systems. This new area of research advocates that security characteristics should be considered from the early stages of the software development life cycle and should not be added as another layer in the system on an ad-hoc basis after the system is built. In this paper, we describe a UML-based Static Verification Framework (USVF) to support the design and verification of secure software systems in early stages of the software development life-cycle taking into consideration security and general requirements of the software system. USVF performs static verification on UML models consisting of UML class and state machine diagrams extended by an action language. We present an operational semantics of UML models, define a property specification language designed to reason about temporal and general properties of UML state machines using the semantic domains of the former, and implement the model checking process by translating models and properties into Promela, the input language of the SPIN model checker. We show that the methodology can be applied to the verification of security properties by representing the main aspects of security, namely availability, integrity and confidentiality, in the USVF property specification language
A Formal Framework for Concrete Reputation Systems
In a reputation-based trust-management system, agents maintain information about the past behaviour of other agents. This information is used to guide future trust-based decisions about interaction. However, while trust management is a component in security decision-making, many existing reputation-based trust-management systems provide no formal security-guarantees. In this extended abstract, we describe a mathematical framework for a class of simple reputation-based systems. In these systems, decisions about interaction are taken based on policies that are exact requirements on agents’ past histories. We present a basic declarative language, based on pure-past linear temporal logic, intended for writing simple policies. While the basic language is reasonably expressive (encoding e.g. Chinese Wall policies) we show how one can extend it with quantification and parameterized events. This allows us to encode other policies known from the literature, e.g., ‘one-out-of-k’. The problem of checking a history with respect to a policy is efficient for the basic language, and tractable for the quantified language when policies do not have too many variables
Flow Logic
Flow networks have attracted a lot of research in computer science. Indeed,
many questions in numerous application areas can be reduced to questions about
flow networks. Many of these applications would benefit from a framework in
which one can formally reason about properties of flow networks that go beyond
their maximal flow. We introduce Flow Logics: modal logics that treat flow
functions as explicit first-order objects and enable the specification of rich
properties of flow networks. The syntax of our logic BFL* (Branching Flow
Logic) is similar to the syntax of the temporal logic CTL*, except that atomic
assertions may be flow propositions, like or , for
, which refer to the value of the flow in a vertex, and
that first-order quantification can be applied both to paths and to flow
functions. We present an exhaustive study of the theoretical and practical
aspects of BFL*, as well as extensions and fragments of it. Our extensions
include flow quantifications that range over non-integral flow functions or
over maximal flow functions, path quantification that ranges over paths along
which non-zero flow travels, past operators, and first-order quantification of
flow values. We focus on the model-checking problem and show that it is
PSPACE-complete, as it is for CTL*. Handling of flow quantifiers, however,
increases the complexity in terms of the network to , even
for the LFL and BFL fragments, which are the flow-counterparts of LTL and CTL.
We are still able to point to a useful fragment of BFL* for which the
model-checking problem can be solved in polynomial time. Finally, we introduce
and study the query-checking problem for BFL*, where under-specified BFL*
formulas are used for network exploration
Toward Synthesis of Network Updates
Updates to network configurations are notoriously difficult to implement
correctly. Even if the old and new configurations are correct, the update
process can introduce transient errors such as forwarding loops, dropped
packets, and access control violations. The key factor that makes updates
difficult to implement is that networks are distributed systems with hundreds
or even thousands of nodes, but updates must be rolled out one node at a time.
In networks today, the task of determining a correct sequence of updates is
usually done manually -- a tedious and error-prone process for network
operators. This paper presents a new tool for synthesizing network updates
automatically. The tool generates efficient updates that are guaranteed to
respect invariants specified by the operator. It works by navigating through
the (restricted) space of possible solutions, learning from counterexamples to
improve scalability and optimize performance. We have implemented our tool in
OCaml, and conducted experiments showing that it scales to networks with a
thousand switches and tens of switches updating.Comment: In Proceedings SYNT 2013, arXiv:1403.726
- …