Formal verification of secure group communication protocols modelled in UML

The paper discusses an experience in using Unified Modelling Language and two complementary verification tools in the framework of SAFECAST, a project on secured group communication systems design. AVISPA enabled detecting and fixing security flaws. The TURTLE toolkit enabled saving development time by eliminating design solutions with inappropriate temporal parameters.

[1]  Matti A. Hiltunen,et al.  Adaptive Distributed and Fault-Tolerant Systems , 2007 .

[2]  Yair Amir,et al.  Transis: a communication subsystem for high availability , 1992, [1992] Digest of Papers. FTCS-22: The Twenty-Second International Symposium on Fault-Tolerant Computing.

[3]  Gene Tsudik,et al.  CLIQUES: a new approach to group key agreement , 1998, Proceedings. 18th International Conference on Distributed Computing Systems (Cat. No.98CB36183).

[4]  Jingde Cheng,et al.  Patterning Protection Profiles by UML for Security Specifications , 2005, International Conference on Computational Intelligence for Modelling, Control and Automation and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC'06).

[5]  Jing Xu,et al.  Performance analysis of security aspects by weaving scenarios extracted from UML models , 2009, J. Syst. Softw..

[6]  Olivier Festor,et al.  Group Key Management in MANETs , 2008, Int. J. Netw. Secur..

[7]  Alan Bundy,et al.  Attacking Group Multicast Key Management Protocols Using Coral , 2005, Electron. Notes Theor. Comput. Sci..

[8]  Yair Amir,et al.  Transis: A Communication Sub-system for High Availability , 1992 .

[9]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[10]  C. Meadows Extending Formal Cryptographic Protocol Analysis Techniques for Group Protocols and Low-Level Cryptographic Primitives , 2000 .

[11]  Chik How Tan,et al.  Energy-efficient ID-based group key agreement protocols for wireless networks , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[12]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[13]  Li Gong,et al.  Enclaves: Enabling Secure Collaboration Over the Internet , 1996, IEEE J. Sel. Areas Commun..

[14]  A. Miri,et al.  Authenticated secure communications in mobile ad hoc networks , 2004, Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No.04CH37513).

[15]  Suvo Mittra,et al.  Iolus: a framework for scalable secure multicasting , 1997, SIGCOMM '97.

[16]  Fumiaki Sato,et al.  A key distribution and rekeying framework with totally ordered multicast protocols , 2001, Proceedings 15th International Conference on Information Networking.

[17]  Atul Prakash,et al.  Antigone: policy-based secure group communication system and AMirD: Antigone-based secure file mirroring system , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[18]  Ludovic Apvrille,et al.  TURTLE: a real-time UML profile supported by a formal validation toolkit , 2004, IEEE Transactions on Software Engineering.

[19]  W. Vogels,et al.  The Horus and Ensemble projects: accomplishments and limitations , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[20]  Todd Montgomery,et al.  A High Performance Totally Ordered Multicast Protocol , 1994, Dagstuhl Seminar on Distributed Systems.

[21]  Jie Wu,et al.  Secure and efficient key management in mobile ad hoc networks , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[22]  Nalini Venkatasubramanian,et al.  Exploring adaptability of secure group communication using formal prototyping techniques , 2004, Adaptive and Reflective Middleware.

[23]  Carlos Almeida Handling QoS in a Dynamic Real-Time Environment , 2003, WORDS.

[24]  Catherine A. Meadows,et al.  Formalizing GDOI group key management requirements in NPATRL , 2001, CCS '01.

[25]  Demissie B. Aredo,et al.  Integrating a Security Requirement Language with UML , 2004, UML.

[26]  Robbert van Renesse,et al.  Horus: a flexible group communication system , 1996, CACM.

[27]  Kenneth P. Birman,et al.  Bimodal multicast , 1999, TOCS.

[28]  Louise E. Moser,et al.  The Totem single-ring ordering and membership protocol , 1995, TOCS.

[29]  Jan Jürjens,et al.  Model-based security analysis for mobile communications , 2008, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[30]  Mana Taghdiri,et al.  A Lightweight Formal Analysis of a Multicast Key Management Scheme , 2003, FORTE.

[31]  Pieter H. Hartel,et al.  Timed analysis of security protocols , 2005, J. Comput. Secur..

[32]  Alan Bundy,et al.  Attacking a Protocol for Group Key Agreement by Refuting Incorrect Inductive Conjectures , 2004, IJCAR.