Model-Driven Engineering for Formal Verification and Security Testing of Authentication Protocols
Even if the verification of authentication protocols can be achieved by means of formal analysis, the modelling of such an activity is an error-prone task due to the lack of automated and integrated processes. This paper proposes a comprehensive approach, based on the Unified Modeling Language (UML)...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Raimondo, Mariapia Marrone, Stefano Palladino, Angelo |
| description | Even if the verification of authentication protocols can be achieved by means
of formal analysis, the modelling of such an activity is an error-prone task
due to the lack of automated and integrated processes. This paper proposes a
comprehensive approach, based on the Unified Modeling Language (UML) profiling
technique and on model-transformation, to enable automatic analysis of
authentication protocols starting from high-level models. In particular, a
UML-based approach is able to generate an annotated model of communication
protocols from which formal notations (e.g., AnBx, Tamarin) can be generated.
Such models in lower-level languages can be analysed with existing solvers
and/or with traditional testing techniques by means of test case generation
approaches. The industrial impact of the research is high due to the growing
need of security and the necessity to connect industrial processes and
equipment to virtualised computing infrastructures. The research is conducted
on two case studies: railway signalling systems and blockchain based
applications. |
| doi_str_mv | 10.48550/arxiv.2210.03020 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2210_03020</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2210_03020</sourcerecordid><originalsourceid>FETCH-LOGICAL-a670-c953bb437e533285518ddf56156dc16a0497c57d8a97553d9c0f8f4392c9283e3</originalsourceid><addsrcrecordid>eNo1j8FKAzEURbNxIdUPcNX8wNRMMplMlqW2KrQoOHQ7vCYvNTBNJJMW-_dOq64uHC6Xewh5KNmsaqRkj5C-_WnG-QiYYJzdEthEi33xlPwJA12GvQ-IyYc9dTHRVUwH6Ol2JM4byD4GCsHSDzTH5POZtjjkSzk6Oj_mTwz5v_aeYo4m9sMduXHQD3j_lxPSrpbt4qVYvz2_LubrAmrFCqOl2O0qoVAKwcezZWOtk3Upa2vKGlillZHKNqCVlMJqw1zjKqG50bwRKCZk-jt7dey-kj9AOncX1-7qKn4ASGZPbQ</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Model-Driven Engineering for Formal Verification and Security Testing of Authentication Protocols</title><source>arXiv.org</source><creator>Raimondo, Mariapia ; Marrone, Stefano ; Palladino, Angelo</creator><creatorcontrib>Raimondo, Mariapia ; Marrone, Stefano ; Palladino, Angelo</creatorcontrib><description>Even if the verification of authentication protocols can be achieved by means
of formal analysis, the modelling of such an activity is an error-prone task
due to the lack of automated and integrated processes. This paper proposes a
comprehensive approach, based on the Unified Modeling Language (UML) profiling
technique and on model-transformation, to enable automatic analysis of
authentication protocols starting from high-level models. In particular, a
UML-based approach is able to generate an annotated model of communication
protocols from which formal notations (e.g., AnBx, Tamarin) can be generated.
Such models in lower-level languages can be analysed with existing solvers
and/or with traditional testing techniques by means of test case generation
approaches. The industrial impact of the research is high due to the growing
need of security and the necessity to connect industrial processes and
equipment to virtualised computing infrastructures. The research is conducted
on two case studies: railway signalling systems and blockchain based
applications.</description><identifier>DOI: 10.48550/arxiv.2210.03020</identifier><language>eng</language><subject>Computer Science - Cryptography and Security</subject><creationdate>2022-10</creationdate><rights>http://creativecommons.org/licenses/by/4.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,781,886</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2210.03020$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2210.03020$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Raimondo, Mariapia</creatorcontrib><creatorcontrib>Marrone, Stefano</creatorcontrib><creatorcontrib>Palladino, Angelo</creatorcontrib><title>Model-Driven Engineering for Formal Verification and Security Testing of Authentication Protocols</title><description>Even if the verification of authentication protocols can be achieved by means
of formal analysis, the modelling of such an activity is an error-prone task
due to the lack of automated and integrated processes. This paper proposes a
comprehensive approach, based on the Unified Modeling Language (UML) profiling
technique and on model-transformation, to enable automatic analysis of
authentication protocols starting from high-level models. In particular, a
UML-based approach is able to generate an annotated model of communication
protocols from which formal notations (e.g., AnBx, Tamarin) can be generated.
Such models in lower-level languages can be analysed with existing solvers
and/or with traditional testing techniques by means of test case generation
approaches. The industrial impact of the research is high due to the growing
need of security and the necessity to connect industrial processes and
equipment to virtualised computing infrastructures. The research is conducted
on two case studies: railway signalling systems and blockchain based
applications.</description><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNo1j8FKAzEURbNxIdUPcNX8wNRMMplMlqW2KrQoOHQ7vCYvNTBNJJMW-_dOq64uHC6Xewh5KNmsaqRkj5C-_WnG-QiYYJzdEthEi33xlPwJA12GvQ-IyYc9dTHRVUwH6Ol2JM4byD4GCsHSDzTH5POZtjjkSzk6Oj_mTwz5v_aeYo4m9sMduXHQD3j_lxPSrpbt4qVYvz2_LubrAmrFCqOl2O0qoVAKwcezZWOtk3Upa2vKGlillZHKNqCVlMJqw1zjKqG50bwRKCZk-jt7dey-kj9AOncX1-7qKn4ASGZPbQ</recordid><startdate>20221006</startdate><enddate>20221006</enddate><creator>Raimondo, Mariapia</creator><creator>Marrone, Stefano</creator><creator>Palladino, Angelo</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20221006</creationdate><title>Model-Driven Engineering for Formal Verification and Security Testing of Authentication Protocols</title><author>Raimondo, Mariapia ; Marrone, Stefano ; Palladino, Angelo</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a670-c953bb437e533285518ddf56156dc16a0497c57d8a97553d9c0f8f4392c9283e3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Raimondo, Mariapia</creatorcontrib><creatorcontrib>Marrone, Stefano</creatorcontrib><creatorcontrib>Palladino, Angelo</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Raimondo, Mariapia</au><au>Marrone, Stefano</au><au>Palladino, Angelo</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Model-Driven Engineering for Formal Verification and Security Testing of Authentication Protocols</atitle><date>2022-10-06</date><risdate>2022</risdate><abstract>Even if the verification of authentication protocols can be achieved by means
of formal analysis, the modelling of such an activity is an error-prone task
due to the lack of automated and integrated processes. This paper proposes a
comprehensive approach, based on the Unified Modeling Language (UML) profiling
technique and on model-transformation, to enable automatic analysis of
authentication protocols starting from high-level models. In particular, a
UML-based approach is able to generate an annotated model of communication
protocols from which formal notations (e.g., AnBx, Tamarin) can be generated.
Such models in lower-level languages can be analysed with existing solvers
and/or with traditional testing techniques by means of test case generation
approaches. The industrial impact of the research is high due to the growing
need of security and the necessity to connect industrial processes and
equipment to virtualised computing infrastructures. The research is conducted
on two case studies: railway signalling systems and blockchain based
applications.</abstract><doi>10.48550/arxiv.2210.03020</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2210.03020 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2210_03020 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security |
| title | Model-Driven Engineering for Formal Verification and Security Testing of Authentication Protocols |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-18T05%3A41%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Model-Driven%20Engineering%20for%20Formal%20Verification%20and%20Security%20Testing%20of%20Authentication%20Protocols&rft.au=Raimondo,%20Mariapia&rft.date=2022-10-06&rft_id=info:doi/10.48550/arxiv.2210.03020&rft_dat=%3Carxiv_GOX%3E2210_03020%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |