skip to main content
10.1145/3365438.3410946acmconferencesArticle/Chapter ViewAbstractPublication PagesmodelsConference Proceedingsconference-collections
research-article

Scenario-based specification of security protocols and transformation to security model checkers

Published: 16 October 2020 Publication History

Abstract

Security protocols ensure secure communication between and within systems such as internet services, factories, and smartphones. As evidenced by numerous successful attacks against popular protocols such as TLS, designing protocols securely is a tedious and error-prone task. Model checkers greatly aid protocol verification, yet any single model checker is oftentimes insufficient to check a protocol's security in full. Instead, engineers are forced to maintain multiple overlapping and hopefully non-contradicting and non-diverging specifications, one per model-checking tool---an error-prone task.
To address this problem, this paper presents VICE, a scenario-based approach to security-protocol verification. It provides a visual modeling language based for specifying security protocols independent of the model checker. It then automatically transforms the relevant fragments of these models into equivalent inputs to multiple model checkers. In result, VICE completely relieves the security engineer from choosing and specifying queries via a fully automatic generation of all necessary queries.
Through a case study involving real-world specifications of eight security protocols, we show that VICE is applicable in practice.

References

[1]
Martín Abadi, Bruno Blanchet, and Cédric Fournet. [n.d.]. The Applied Pi Calculus: Mobile Values, New Names, and Secure Communication. http://arxiv.org/pdf/1609.03003v2
[2]
Martín Abadi and Cédric Fournet. 2001. Mobile values, new names, and secure communication. In Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages - POPL '01, Chris Hankin and Dave Schmidt (Eds.). ACM Press, New York, New York, USA, 104--115.
[3]
Silvia Abrahão, Carmine Gravino, Emilio Insfran, Giuseppe Scanniello, and Genoveffa Tortora. 2013. Assessing the Effectiveness of Sequence Diagrams in the Comprehension of Functional Requirements: Results from a Family of Five Experiments. IEEE Transactions on Software Engineering 39, 3 (2013), 327--342.
[4]
Rabéa Ameur-Boulifa, Florian Lugou, and Ludovic Apvrille. 2019. SysML Model Transformation for Safety and Security Analysis. In Security and Safety Interplay of Intelligent Software Systems, Brahim Hamid, Barbara Gallina, Asaf Shabtai, Yuval Elovici, and Joaquin Garcia-Alfaro (Eds.). Lecture Notes in Computer Science, Vol. 11552. Springer International Publishing, Cham, 35--49.
[5]
Bruno Blanchet. 11--13 June 2001. An efficient cryptographic protocol verifier based on prolog rules. In Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001. IEEE, 82--96.
[6]
Bruno Blanchet. 2016. Modeling and Verifying Security Protocols with the Applied Pi Calculus and ProVerif. Foundations and Trends® in Privacy and Security 1, 1--2 (2016), 1--135.
[7]
Antonio Bucchiarone, Jordi Cabot, Richard F. Paige, and Alfonso Pierantonio. 2020. Grand challenges in model-driven engineering: an analysis of the state of the research. Software and Systems Modeling 19, 1 (2020), 5--13.
[8]
Michael Burrows, Martin Abadi, and Roger Needham. 1990. A logic of authentication. ACM Transactions on Computer Systems (TOCS) 8, 1 (1990), 18--36.
[9]
John Clark and Jeremy Jacob. 2002. Security Protocols Open Repository. http://www.lsv.fr/Software/spore/index.html
[10]
Véronique Cortier, Stéphanie Delaune, and Pascal Lafourcade. 2006. A survey of algebraic properties used in cryptographic protocols. Journal of Computer Security 14, 1 (2006), 1--43.
[11]
Werner Damm and David Harel. 2001. LSCs: Breathing Life into Message Sequence Charts. Formal Methods in System Design 19, 1 (2001), 45--80.
[12]
Dorothy E. Denning and Giovanni Maria Sacco. 1981. Timestamps in key distribution protocols. Commun. ACM 24, 8 (1981), 533--536.
[13]
Long Di Li and Alwen Tiu. 2019. Combining ProVerif and Automated Theorem Provers for Security Protocol Verification. In Automated Deduction - CADE 27, Pascal Fontaine (Ed.). Springer International Publishing, Cham, 354--365.
[14]
Jannik Dreier, Lucca Hirschi, Sasa Radomirovic, and Ralf Sasse. 09.07.2018 - 12.07.2018. Automated Unbounded Verification of Stateful Cryptographic Protocols with Exclusive OR. In 2018 IEEE 31st Computer Security Foundations Symposium (CSF). IEEE, 359--373.
[15]
Kunding Fang, Xiaohong Li, Jianye Hao, and Zhiyong Feng. 23.08.2016 - 26.08.2016. Formal Modeling and Verification of Security Protocols on Cloud Computing Systems Based on UML 2.3. In 2016 IEEE Trustcom/BigDataSE/ISPA. IEEE, 852--859.
[16]
Li Gong. 1989. Using one-way functions for authentication. ACM SIGCOMM Computer Communication Review 19, 5 (1989), 8--11.
[17]
David Harel and Shahar Maoz. 2008. Assert and negate revisited: Modal semantics for UML sequence diagrams. Software & Systems Modeling 7, 2 (2008), 237--252.
[18]
Jameleddine Hassine, Juergen Rilling, and Rachida Dssouli. 2010. An Evaluation of Timed Scenario Notations. Journal of Systems and Software 83, 2 (2010), 326--350.
[19]
Jörg Holtmann, Markus Fockel, Thorsten Koch, David Schmelter, Christian Brenner, Ruslan Bernijazov, and Marcel Sander. 2016. The MechatronicUML Requirements Engineering Method: Process and Language. Technical Report tr-ri-16-351. Software Engineering Department, Fraunhofer IEM / Software Engineering Group, Heinz Nixdorf Institute.
[20]
Jan Jürjens. 2002. UMLsec: Extending UML for Secure Systems Development. In The unified modeling language, Jean-Marc Jézéquel (Ed.). Lecture Notes in Computer Science, Vol. 2460. Springer, Berlin [u.a.], 412--425.
[21]
Barbara Kitchenham, Lesley M. Pickard, and Shari Lawrence Pfleeger. 1995. Case studies for method and tool evaluation. IEEE Software 12, 4 (1995), 52--62.
[22]
Grischa Liebel and Matthias Tichy. 2015. Comparing Comprehensibility of Modelling Languages for Specifying Behavioural Requirements. In Proceedings of the First International Workshop on Human Factors in Modeling (HuFaMo). 17--24.
[23]
Torsten Lodderstedt, David Basin, and Jürgen Doser. 2002. SecureUML: A UML-Based Modeling Language for Model-Driven Security. In «UML» 2002 --- The Unified Modeling Language, Jean-Marc Jézéquel, Heinrich Hussmann, and Stephen Cook (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 426--441.
[24]
Gavin Lowe. 1996. Breaking and fixing the Needham-Schroeder Public-Key Protocol using FDR. In Tools and Algorithms for the Construction and Analysis of Systems, Gerhard Goos, Juris Hartmanis, Jan Leeuwen, Tiziana Margaria, and Bernhard Steffen (Eds.). Lecture Notes in Computer Science, Vol. 1055. Springer Berlin Heidelberg, Berlin, Heidelberg, 147--166.
[25]
Florian Lugou, Letitia W. Li, Ludovic Apvrille, and Rabéa Ameur-Boulifa. 2016. SysML Models and Model Transformation for Security. In MODELSWARD 2016, Slimane Hammoudi (Ed.). SCITEPRESS - Science and Technology Publications Lda, Setübal, 331--338.
[26]
Simon Meier, Benedikt Schmidt, Cas Cremers, and David A. Basin. 2013. The TAMARIN Prover for the Symbolic Analysis of Security Protocols. In Computer Aided Verification - 25th International Conference, CAV 2013, Saint Petersburg, Russia, July 13--19, 2013. Proceedings (Lecture Notes in Computer Science, Vol. 8044), Natasha Sharygina and Helmut Veith (Eds.). Springer, 696--701.
[27]
Nina Moebius, Kurt Stenzel, Holger Grandy, and Wolfgang Reif. 16.03.2009 - 19.03.2009. SecureMDD: A Model-Driven Development Method for Secure Smart Card Applications. In 2009 International Conference on Availability, Reliability and Security. IEEE, 841--846.
[28]
Object Management Group (OMG). 2014. OMG Object Constraint Language (OCL) - Version 2.4. OMG Document Number: formal/14-02-03.
[29]
Object Management Group (OMG). 2017. OMG Systems Modeling Language (OMG SysML) - Version 1.5. OMG Document Number: formal/2017-05-01.
[30]
Object Management Group (OMG). 2017. OMG Unified Modeling Language (OMG UML) - Version 2.5.1. OMG Document Number: formal/2017-12-05.
[31]
Per Runeson (Ed.). 2012. Case study research in software engineering: Guidelines and examples (1st ed. ed.). Wiley, Hoboken, N.J.
[32]
Per Runeson and Martin Höst. 2009. Guidelines for conducting and reporting case study research in software engineering. Empirical Software Engineering 14, 2 (2009), 131--164.
[33]
Gang Shen, Xiaohong Li, Ruitao Feng, Guangquan Xu, Jing Hu, and Zhiyong Feng. 2014. An Extended UML Method for the Verification of Security Protocols. In 2014 19th International Conference on Engineering of Complex Computer Systems (ICECCS). IEEE, Piscataway, NJ, 19--28.
[34]
Ton van Deursen and Saša Radomirović. 2009. Attacks on RFID Protocols. Cryptology ePrint Archive 2008, 310 (6 Aug. 2009), 1--56.
[35]
Marc-Florian Wendland, Martin Schneider, and Øystein Haugen. 2013. Evolution of the UML Interactions Metamodel. In Proceedings MODELS 2013 (LNCS). Springer, 405--421.
[36]
Thomas Woo and Simon S. Lam. 24--26 May 1993. A semantic model for authentication protocols. In Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy. IEEE Comput. Soc. Press, 178--194.
[37]
World Economic Forum. 2019. Global risks 2019: Insight report (14th edition ed.). World Economic Forum, Geneva.

Cited By

View all
  • (2024)Evaluating formal model verification tools in an industrial context: the case of a smart device life cycle management systemSoftware and Systems Modeling10.1007/s10270-024-01201-0Online publication date: 16-Aug-2024
  • (2023)A novel formal logic for formal analysis of timeliness in non-repudiation protocolsJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.10166435:8(101664)Online publication date: Sep-2023
  • (2022)Feedback on the formal verification of UML models in an industrial contextProceedings of the 25th International Conference on Model Driven Engineering Languages and Systems10.1145/3550355.3552454(121-131)Online publication date: 23-Oct-2022

Index Terms

  1. Scenario-based specification of security protocols and transformation to security model checkers

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image ACM Conferences
        MODELS '20: Proceedings of the 23rd ACM/IEEE International Conference on Model Driven Engineering Languages and Systems
        October 2020
        406 pages
        ISBN:9781450370196
        DOI:10.1145/3365438
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

        Sponsors

        In-Cooperation

        • IEEE CS

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 16 October 2020

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. model transformation
        2. security protocols
        3. verification

        Qualifiers

        • Research-article

        Funding Sources

        • European Regional Development Fund

        Conference

        MODELS '20
        Sponsor:

        Acceptance Rates

        MODELS '20 Paper Acceptance Rate 35 of 127 submissions, 28%;
        Overall Acceptance Rate 144 of 506 submissions, 28%

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)14
        • Downloads (Last 6 weeks)1
        Reflects downloads up to 20 Feb 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2024)Evaluating formal model verification tools in an industrial context: the case of a smart device life cycle management systemSoftware and Systems Modeling10.1007/s10270-024-01201-0Online publication date: 16-Aug-2024
        • (2023)A novel formal logic for formal analysis of timeliness in non-repudiation protocolsJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.10166435:8(101664)Online publication date: Sep-2023
        • (2022)Feedback on the formal verification of UML models in an industrial contextProceedings of the 25th International Conference on Model Driven Engineering Languages and Systems10.1145/3550355.3552454(121-131)Online publication date: 23-Oct-2022

        View Options

        Login options

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        Figures

        Tables

        Media

        Share

        Share

        Share this Publication link

        Share on social media