Analyzing Security Protocols in Hierarchical Networks

Zhang, Ye; Nielson, Hanne Riis

doi:10.1007/11901914_32

Ye Zhang¹⁸ &
Hanne Riis Nielson¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 4218))

Included in the following conference series:

International Symposium on Automated Technology for Verification and Analysis

374 Accesses
1 Citations

Abstract

Validating security protocols is a well-known hard problem even in a simple setting of a single global network. But a real network often consists of, besides the public-accessed part, several sub-networks and thereby forms a hierarchical structure. In this paper we first present a process calculus capturing the characteristics of hierarchical networks and describe the behavior of protocols on such networks. We then develop a static analysis to automate the validation. Finally we demonstrate how the technique can benefit the protocol development and the design of network systems by presenting a series of experiments we have conducted.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Abadi, M.: Secrecy by typing in security protocols. Journal of the ACM 46(5), 749–786 (1999)
Article MATH MathSciNet Google Scholar
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.R.: Static validation of security protocols. Journal of Computer Security 13(3), 347–390 (2005)
Google Scholar
Buchholtz, M., Nielson, H.R., Nielson, F.: A calculus for control flow analysis of security protocols. Int. J. Inf. Sec. 2(3-4), 145–167 (2004)
Google Scholar
Bugliesi, M., Castagna, G., Crafa, S.: Boxed Ambients. In: Kobayashi, N., Pierce, B.C. (eds.) TACS 2001. LNCS, vol. 2215, pp. 38–63. Springer, Heidelberg (2001)
Chapter Google Scholar
Bugliesi, M., Castagna, G., Crafa, S.: Reasoning about security in mobile ambients. In: Larsen, K.G., Nielsen, M. (eds.) CONCUR 2001. LNCS, vol. 2154, pp. 102–120. Springer, Heidelberg (2001)
Chapter Google Scholar
Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. In: SOSP, pp. 1–13 (1989)
Google Scholar
Cardelli, L., Gordon, A.D.: Mobile ambients. Theor. Comput. Sci. 240(1), 177–213 (2000)
Article MATH MathSciNet Google Scholar
Clarke, E.M., Jha, S., Marrero, W.: Verifying security protocols with Brutus. ACM Transactions on Software Engineering and Methodology 9(4), 443–487 (2000)
Article Google Scholar
Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)
Article MATH MathSciNet Google Scholar
Focardi, R., Gorrieri, R.: A taxonomy of security properties for process algebras. Journal of Computer Security 3(1), 5–34 (1995)
Google Scholar
Gordon, A.D., Jeffrey, A.: Authenticity by typing for security protocols. Journal of Computer Security 11(4), 451–520 (2003)
Google Scholar
Lowe, G.: An attack on the Needham-Schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)
Article MATH Google Scholar
Lowe, G.: Breaking and fixing the needham-schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)
Google Scholar
Millen, J.K.: The interrogator: A tool for cryptographic protocol security. In: IEEE Symposium on Security and Privacy, pp. 134–141 (1984)
Google Scholar
Nielson, F., Nielson, H.R., Hansen, R.R.: Validating firewalls using flow logics. Theor. Comput. Sci. 283(2), 381–418 (2002)
Article MATH MathSciNet Google Scholar
Nielson, F., Seidl, H., Nielson, H.R.: A succinct solver for ALFP. Nord. J. Comput. 9(4), 335–372 (2002)
MATH MathSciNet Google Scholar
Nielson, H.R., Nielson, F.: Flow Logic: A multi-paradigmatic approach to static analysis. In: The Essence of Computation, pp. 223–244 (2002)
Google Scholar
Nielson, H.R., Nielson, F., Buchholtz, M.: Security for Mobility. In: FOSAD, pp. 207–265 (2002)
Google Scholar
Zhang, Y.: Static analysis for protocol validation in hierarchical networks. Master’s thesis, Technical University of Denmark (2005)
Google Scholar

Download references

Author information

Authors and Affiliations

Informatics and Mathematical Modelling, Technical University of Denmark, Richard Petersens Plads bldg 321, DK-2800, Kongens Lyngby, Denmark
Ye Zhang & Hanne Riis Nielson

Authors

Ye Zhang
View author publications
You can also search for this author in PubMed Google Scholar
Hanne Riis Nielson
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

VERIMAG, 2 Avenue de Vignate, Centre Equitation, 38610, Grenoble-Gières, France
Susanne Graf
Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, Beijing, China
Wenhui Zhang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Zhang, Y., Nielson, H.R. (2006). Analyzing Security Protocols in Hierarchical Networks. In: Graf, S., Zhang, W. (eds) Automated Technology for Verification and Analysis. ATVA 2006. Lecture Notes in Computer Science, vol 4218. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11901914_32

Download citation

DOI: https://doi.org/10.1007/11901914_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-47237-7
Online ISBN: 978-3-540-47238-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics