基于Event-B方法的安全协议设计、建模与验证
作者:
作者简介:

李梦君(1975-),男,湖北云梦人,博士,副教授,CCF专业会员,主要研究领域为形式化方法与技术信息安全技术,CPU验证;欧国东(1977-),男,博士,助理研究员,主要研究领域为计算机体系结构微处理器设计,形式化验证;潘国腾(1977-),男,博士,副研究员,CCF专业会员,主要研究领域为计算机体系结构微处理器设计,形式化验证.

通讯作者:

李梦君,E-mail:mengjun.li@163.com

基金项目:

国家自然科学基金(61672525);中国科学院信息工程研究所信息安全国家重点实验室开放课题(2016-MS-21)


Design, Modeling and Verification of Security Protocols Based on Event-B Method
Author:
Fund Project:

National Natural Science Foundation of China (61672525); Open Projects of the State Key Laboratory of Information Security (Institute of Information Engineering, The Chinese Academy of Sciences) (2016-MS-21)

  • 摘要
  • | |
  • 访问统计
  • |
  • 参考文献 [32]
  • |
  • 相似文献 [20]
  • |
  • 引证文献
  • | |
  • 文章评论
    摘要:

    随着软件精化验证方法以及Isabella/HOL、VCC等验证工具不断取得进展,研究者们开始采用精化方法和验证工具设计、建模安全协议和验证安全协议源程序的正确性.在介绍Event-B方法和验证工具Isabella/HOL、VCC的基础上,综述了基于Event-B方法的安全协议形式化设计、建模与源程序验证的典型研究工作,主要包括从需求规范到消息传递形式协议的安全协议精化设计、基于TPM(trusted platform module)的安全协议应用的精化建模以及从消息传递形式协议到代码的源程序精化验证.

    Abstract:

    With the progress in software refinement verification methods and theorem provers such as Isabella/HOL and VCC, researchers begin to study the design and modeling of security protocols and verify the correctness of their source codes based on the refinement technique and theorem provers. In this paper, the event-B method and verification tools Isabelle/HOL and VCC are introduced, and the typical work on the design and modeling of security protocols and verification of the correctness of their source codes is surveyed. These work include:the refinement design method of security protocols, the refinement modeling method of TPM-based protocol applications, and the refinement verification method of source code.

    参考文献
    [1] Blanchet B. Security protocol verification:Symbolic and computational models. In:Degano P, Guttman JD, eds. Proc. of the 1st Int'l Conf. on Principles of Security and Trust. Heidelberg:Springer-Verlag, 2012. 3-29.
    [2] Paulson LC. Inductive analysis of the Internet protocol TLS. ACM Trans. on Information and System Security, 1999,2(3):332-351.
    [3] Kaloper-Mersinjak D, Mehnert H, Madhavapeddy A, Sewell P. Not-Quite-So-Broken TLS:Lessons in re-engineering a security protocol specification and implementation. In:Jung J, Holz T, eds. Proc. of the 24th USENIX Security Symp. USENIX Association, 2015. 223-238.
    [4] Avalle M, Pironti A, Sisto R. Formal verification of security protocol implementations:A survey. Formal Aspects of Computing, 2014,26(1):99-123.
    [5] Aizatulin M, Gordon AD, Jürjens J. Extracting and verifying cryptographic models from C protocol code by symbolic execution. In Chen Y, Danezis G, Shmatikov V, eds. Proc. of the 18th ACM Conf. on Computer and Communications Security. ACM Press, 2011. 331-340.
    [6] Aizatulin M, Gordon AD, Jürjens J. Computational verification of C protocol implementations by symbolic execution. In:Yu T, Danezis G, Gligor VD, eds. Proc. of the 19th ACM Conf. on Computer and Communications Security. ACM Press, 2012. 712-723.
    [7] Bhargavan K, Fournet C, Gordon AD. Modular verification of security protocol code by typing. In:Hermenegildo MV, Palsberg J, eds. Proc. of the 37th ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages. ACM Press, 2010. 445-456.
    [8] Fournet C, Kohlweiss M, Strub PY. Modular code-based cryptographic verification. In:Chen Y, Danezis G, Shmatikov V, eds. Proc. of the 18th ACM Conf. on Computer and Communications Security. ACM Press, 2011. 341-350.
    [9] Swamy N, Chen J, Fournet C, Strub PY, Bhargavan K, Yang J. Secure distributed programming with value-dependent types. In:Chakravarty MMT, Hu ZJ, Danvy O, eds. Proc. of the 16th ACM SIGPLAN Int'l Conf. on Functional Programming. ACM Press, 2011. 266-278.
    [10] Abrial JR, Hallerstede S. Refinement, decomposition, and instantiation of discrete models:Application to event-B. Fundamenta Informaticae, 2007,77(1-2):1-28.
    [11] Greenaway D, Andronick J, Klein G. Bridging the gap:Automatic verified abstraction of C. In:Beringer L, Felty AP, eds. Proc. of the 3rd Int'l Conf. on Interactive Theorem Proving. Heidelberg:Springer-Verlag, 2012. 99-115.
    [12] Winwood S, Klein G, Sewell T, Andronick J, Cock D, Norrish M. Mind the gap:A verification framework for low-level C. In:Berghofer S, Nipkow T, Urban C, Wenzel M, eds. Proc. of the 22nd Int'l Conf. on Theorem Proving in Higher Order Logics. Heidelberg:Springer-Verlag, 2009. 500-515.
    [13] France RB, Rumpe B. Model-Driven development of complex software:A research roadmap. In:Briand LC, Wolf AL, eds. Proc. of the Workshop on the Future of Software Engineering. IEEE Computer Society, 2007. 37-54.
    [14] Back RJ. On the correctness of refinement steps in program development[Ph.D. Thesis]. Helsinki:University of Helsinki, 1978.
    [15] Morgan C. Programming from Specifications. 2nd ed., Prentice-Hall, 1994. 1-250.
    [16] Woodcock J, Davies J. Using Z, Specification, Refinement, and Proof. Prentice-Hall, 1996.
    [17] Abrial JR. Modeling in Event-B:System and Software Engineering. Cambridge University Press, 2010.
    [18] Abrial JR. From Z to B and then event-B:Assigning proofs to meaningful programs. In:Proc. of the IFM 2013. 2013. 1-15.
    [19] Abrial JR, Butler MJ, Hallerstede S, Hoang TS, Mehta F, Rodin VL. An open toolset for modelling and reasoning in event-B. Int'l Journal on Software Tools for Technology Transfer, 2010,12(6):447-466.
    [20] Sprenger C, Basin DA. Developing security protocols by refinement. In:AI-Shaer E, Keromytis AD, Shmatikov V, eds. Proc. of the 17th ACM Conf. on Computer and Communications Security. ACM Press, 2010. 361-374.
    [21] Sprenger C, Basin DA. Refining key establishment. In:Chong S, ed. Proc. of the 25th IEEE Computer Security Foundations Symp. IEEE Computer Society, 2012. 230-246.
    [22] Sprenger C, Basin DA. Refining security protocols. Journal of Computer Security, 2018,26(1):71-120.
    [23] Paulson LC. Isabelle:The next 700 theorem provers. In:Odifreddi P, ed. Proc. of the Logic and Computer Science. Academic Press, 1990. 361-386.
    [24] Cohen E, Dahlweid M, Hillebrand MA, Leinenbach D, Moskal M, Santen T, Schulte W, Tobies S. VCC:A practical system for verifying concurrent C. In:Berghofer S, Nipkow T, Urban C, Wenzel M, eds. Proc. of the 22nd Int'l Conf. on Theorem Proving in Higher Order Logics. Heidelberg:Springer-Verlag, 2009. 23-42.
    [25] Benaïssa N, Méry D. Proof-Based design of security protocols. In:Ablayev FM, Mayr EW, eds. Proc. of the 5th Int'l Computer Science Symp. in Russia. Heidelberg:Springer-Verlag, 2010. 25-36.
    [26] Huang WC, Xiong Y, Wang XF, et al. Fine-Grained refinement on TPM-based protocol applications. IEEE Trans. on Information Forensics and Security, 2013,8(6):1013-1026.
    [27] Snook C, Hoang TS, Butler M. Analysing security protocols using refinement in iUML-B. In:Barrett C, Davies M, Kahsai T, eds. Proc. of the NASA Formal Methods 2017. Heidelberg:Springer-Verlag, 2017. 84-98.
    [28] Polikarpova N, Moskal M. Verifying implementations of security protocols by refinement. In:Proc. of the VSTTE 2012. 2012. 50-65.
    [29] Bishop S, Fairbairn M, Norrish M, Sewell P, Smith M, Wansbrough K. Engineering with logic:HOL specification and symbolicevaluation testing for TCP implementations. In:Proc. of the POPL 2006. 2006. 55-66.
    [30] Bishop S, Fairbairn M, Norrish M, Sewell P, Smith M, Wansbrough K. Rigorous specification and conformance testing techniques for network protocols, as applied to TCP, UDP, and sockets. In:Guerin R, Govindan R, Minshall G, eds. Proc. of the ACM SIGCOMM 2005 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communications. ACM Press, 2005. 265-276.
    [31] Fürst A, Hoang TS, Basin DA, Desai K, Sato N, Miyazaki K. Code generation for event-B. In:Albert E, Sekerinski E, eds. Proc. of the 11th Int'l Conf. on Integrated Formal Methods. Heidelberg:Springer-Verlag, 2014. 323-338.
    [32] Méry D, Monahan R. Transforming event B models into verified C# implementations. In:Lisitsa A, Nemytykh AP, eds. Proc. of the 1st Int'l Workshop on Verification and Program Transformation. In:Proc. of the EPiC Series in Computing. 2013. 57-73.
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

李梦君,潘国腾,欧国东.基于Event-B方法的安全协议设计、建模与验证.软件学报,2018,29(11):3400-3411

复制
分享
文章指标
  • 点击次数:3254
  • 下载次数: 6279
  • HTML阅读次数: 4352
  • 引用次数: 0
历史
  • 收稿日期:2018-01-08
  • 最后修改日期:2018-05-29
  • 在线发布日期: 2018-11-06
文章二维码
您是第20242765位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号