Quantitative analysis of a certified e-mail protocol in mobile environments: A probabilistic model checking approach

Formal analysis techniques, such as probabilistic model checking, offer an effective mechanism for model-based performance and verification studies of the behavior of communication systems that can be abstractly described by a set of rules, i.e., a protocol. This article presents an integrated approach for the quantitative analysis of the Certified E-mail Message Delivery (CEMD) protocol, which provides security properties to electronic mail services. The proposed scheme employs a probabilistic model checking analysis and provides, for the first time, insights into the impact of CEMD's error tolerance on computational and transmission cost. It exploits an efficient combination of quantitative analysis and specific computational and communication parameters, i.e., the widely used Texas Instruments TMS320C55x Family operating in a High Speed Downlink Packet Access (HSDPA) mobile environment, where multiple CEMD participants execute parallel sessions with high bit error rates (BERs). Furthermore, it offers a tool-assisted approach for protocol designers and analysts towards the verification of their products under varying parameters. Finally, this analysis can also be used to reliably address cost-related issues of certain communication protocols and to decide on their cost-dependent viability, taking into account limitations introduced by the hardware specifications of mobile devices and by noisy mobile environments.
