Skip to main content

Advertisement

Springer Nature Link
Log in

Verification of RabbitMQ with Kerberos Using Timed Automata

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

RabbitMQ, an implementation of Advanced Message Queuing Protocol (AMQP), is a very popular message middleware. It supports concurrency, guarantees sequential consistency, and enables independent applications and services to communicate. Consequently, it is of great significance to ensure the secure communication of RabbitMQ. Therefore, Kerberos, a network authentication protocol, is introduced to combine with RabbitMQ to address this security issue. In this paper, we apply formal methods to model and verify RabbitMQ with Kerberos. By utilizing UPPAAL, RabbitMQ is abstracted to timed automata. Further, we validate the constructed model with the simulator in UPPAAL. On this basis, we verify whether RabbitMQ meets some basic but essential properties, including Reachability of Data, Concurrency, Sequence Consistency and Heartbeat Mechanism. Additionally, the security property Secure Communication is verified as well. From the verification results via UPPAAL, it can be found that RabbitMQ can totally cater for these properties and it maintains secure communication under the umbrella of Kerberos.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

We’re sorry, something doesn't seem to be working properly.

Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

Data Availability

Not Applicable.

References

  1. Kinoshita M, Konoura H, Koike T, Leibnitz K, Murata M (2017) High throughput dequeuing technique in distributed message queues for IoT. J Inf Process 25:199–208

    Google Scholar 

  2. Jiang Y, Liu Q, Qin C, Su J, Liu Q (2019) Message-oriented middleware: A review. In: BigCom. IEEE, pp 88–97

  3. Liu Y, Zhang L J, Xing C (2020) Review for message-oriented middleware. In: Internet of Things - ICIOT 2020. Springer International Publishing, Cham, pp 152–159

  4. VMware (2022) RabbitMQ. https://www.rabbitmq.com/. Accessed 6 March 2022

  5. Apache (2022a) Kafka. https://kafka.apache.org/. Accessed 6 March 2022

  6. Apache (2022b) ActiveMQ. https://activemq.apache.org/. Accessed 6 March 2022

  7. Apache (2022c) RocketMQ. https://rocketmq.apache.org/. Accessed 6 March 2022

  8. OASIS (2022) AMQP. https://www.amqp.org/. Accessed 6 March 2022

  9. Appel S, Sachs K, Buchmann AP (2010) Towards benchmarking of AMQP. In: DEBS. ACM, pp 99–100

  10. Hunkeler U, Truong HL, Stanford-Clark AJ (2008) MQTT-S - A publish/subscribe protocol for wireless sensor networks. In: COMSWARE. IEEE, pp 791–798

  11. Mimouni SE, Bouhdadi M (2015) Formal modeling of the simple text oriented messaging protocol using event-b method. In: AICCSA. IEEE Computer Society, pp 1–4

  12. Osinski T, Dandoush A (2018) XMPP as a scalable multi-tenants isolation solution for onos-based software-defined cloud networks. In: CNSM. IEEE Computer Society, pp 300–303

  13. Neuman BC, Ts’o TY (1994) Kerberos: an authentication service for computer networks. IEEE Commun Mag 32(9):33–38

    Article  Google Scholar 

  14. Li R, Yin J, Zhu H (2020) Modeling and analysis of RabbitMQ using UPPAAL. In: TrustCom. IEEE, pp 79–86

  15. UPPAAL (2022) http://uppaal.org. Accessed 6 March 2022

  16. Behrmann G, David A, Larsen KG (2004) A tutorial on UPPAAL. In: SFM, Springer, Lecture Notes in Computer Science, vol 3185, pp 200–236

  17. Dobbelaere P, Esmaili KS (2017) Kafka versus RabbitMQ: A comparative study of two industry reference publish/subscribe implementations: Industry paper. In: DEBS. ACM, pp 227–238

  18. Matic M, Ivanovic S, Antic M, Papp I (2019) Health monitoring and auto-scaling RabbitMQ queues within the smart home system. In: ICCE-Berlin. IEEE, pp 380–384

  19. Prabhu C, Gandhi RV, Jain AK, Lalka VS, Thottempudi SG, Rao PP (2019) A novel approach to extend KM models with Object Knowledge Model (OKM) and Kafka for big data and semantic web with greater semantics. In: CISIS, Springer, Advances in Intelligent Systems and Computing, vol 993, pp 544–554

  20. Ofenloch A, Greif F (2018) A flexible distributed simulation environment for Cyber-Physical Systems using ZeroMQ. J Commun 13(6):333–337

    Article  Google Scholar 

  21. Chaisawat S, Vorakulpipat C (2021) Towards achieving personal privacy protection and data security on integrated E-Voting model of blockchain and message queue. Secur Commun Networks 2021:8338,616:1–8338,616:14

    Google Scholar 

  22. Hong XJ, Yang HS, Kim YH (2018) Performance analysis of RESTful API and RabbitMQ for microservice web application. In: ICTC. IEEE, pp 257–259

  23. Estrada N, Astudillo H (2015) Comparing scalability of message queue system: ZeroMQ vs RabbitMQ. In: CLEI. IEEE, pp 1–6

  24. Ionescu VM (2015) The analysis of the performance of RabbitMQ and ActiveMQ. In: RoEduNet. IEEE, pp 132–137

  25. Rodríguez A, Kristensen LM, Rutle A (2021) Verification of the MQTT IoT protocol using property-specific CTL sweep-line algorithms. Trans Petri Nets Other Model Concurr 15:165–183

    Article  MathSciNet  Google Scholar 

  26. Rodríguez A, Kristensen L M, Rutle A (2019a) Formal modelling and incremental verification of the MQTT IoT protocol. Trans Petri Nets Other Model Concurr 14:126–145

    Article  Google Scholar 

  27. Rodríguez A, Kristensen LM, Rutle A (2019b) On CTL model checking of the MQTT IoT protocol using the sweep-line method. In: PNSE@Petri Nets/ACSD, CEUR-WS.org, CEUR Workshop Proceedings, vol 2424, pp 57–72

  28. Rodríguez A, Kristensen LM, Rutle A (2018) On modelling and validation of the MQTT IoT protocol for M2M communication. In: PNSE@Petri Nets/ACSD, CEUR-WS.org, CEUR Workshop Proceedings, vol 2138, pp 99–118

  29. Xu J, Yin J, Zhu H, Xiao L (2021) Modeling and verifying producer-consumer communication in Kafka using CSP. In: ECBS. ACM, pp 9:1–9:10

  30. Lin Q, Wang S, Zhan B, Gu B (2020) Modelling and verification of real-time publish and subscribe protocol using UPPAAL and simulink/stateflow. J Comput Sci Technol 35(6):1324–1342

    Article  Google Scholar 

  31. Fei Y, Zhu H, Li X (2018) Modeling and verification of NLSR protocol using UPPAAL. In: TASE. IEEE Computer Society, pp 108–115

  32. Sun M, Lu Y, Feng Y, Zhang Q, Liu S (2021) Modeling and verifying the CKB blockchain consensus protocol. Mathematics 9(22)

  33. Kwon S, Son S, Choi Y, Lee J (2021) Protocol fuzzing to find security vulnerabilities of RabbitMQ. Concurr Comput Pract Exp 33(23)

  34. Li H, Niu Y, Yi J, Li H (2018) Securing offline delivery services by using Kerberos authentication. IEEE Access 6:40,735–40,746

    Article  Google Scholar 

  35. Xu C, Zhu H, Xie W (2017) Modeling and verifying identity authentication security of HDFS using CSP. In: APSEC. IEEE Computer Society, pp 259–268

Download references

Author information

Authors and Affiliations

  1. Shanghai Key Laboratory of Trustworthy Computing, East China Normal University, Shanghai, China

    Ran Li, Jiaqi Yin & Huibiao Zhu

  2. Nguyen Tat Thanh University, 300A Nguyen Tat Thanh Street, Ward 13, District 4, Ho Chi Minh City, Vietnam

    Phan Cong Vinh

Authors
  1. Ran Li
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Jiaqi Yin
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Huibiao Zhu
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Phan Cong Vinh
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding authors

Correspondence to Jiaqi Yin or Huibiao Zhu.

Ethics declarations

Competing interests

We have no competing interests to declare that are relevant to the content of this article. This article does not involve ethics issues.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Li, R., Yin, J., Zhu, H. et al. Verification of RabbitMQ with Kerberos Using Timed Automata. Mobile Netw Appl 27, 2049–2067 (2022). https://doi.org/10.1007/s11036-022-01986-8

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-022-01986-8

Keywords