Formal Analysis and Verification of Security for AutomatedTrust Negotiation

doi:10.3969/j.issn.1000-565X.2013.01.012

Journal of South China University of Technology (Natural Science Edition) ›› 2013, Vol. 41 ›› Issue (1): 77-82,94.doi: 10.3969/j.issn.1000-565X.2013.01.012

• Computer Science & Technology • Previous Articles Next Articles

Formal Analysis and Verification of Security for AutomatedTrust Negotiation

Liu Xin-xin Tang Shao-hua

School of Computer Science and Engineering, South China University of Technology, Guangzhou 510640, Guangdong, China

Received:2012-04-25 Revised:2012-08-03 Online:2013-01-25 Published:2012-12-03
Contact: 唐韶华(1970-),男,教授,博士生导师,主要从事信息安全研究. E-mail:csshtang@scut.edu.cn
About author:刘欣欣(1977-),女,在职博士生,讲师,主要从事信息安全研究.E-mail:csliuxx@scut.edu.cn
Supported by:
广东省自然科学基金团队项目(9351064101000003);广东省高等学校珠江学者岗位计划资助项目(2011);广东省高等学校高层次人才项目(2012);广州市科技计划项目(2011J4300028)

Abstract

Abstract:

In order to implement the formal analysis and verification of the security for automated trust negotiation(ATN), this paper takes the formal analysis methods of security protocols as references and proposes a novel ap-proach to ATN modeling and security verification with the help of the process algebra applied π calculus. In this ap-proach, ATN is formalized as the parallel composition of two processes corresponding to two negotiators, and theprocess of a negotiator is the static modeling of its certificates and authorization policies. The ATN security is de-fined as the observational equivalence of the applied π calculus so as to verify not only the security of the authorizationpolicy enforcement but also the privacy of negotiators. With the help of the automatic protocol analyzer ProVerif,the security of ATN is automatically analyzed. Experimental results show that the proposed approach helps to imple-ment automatic security verification with high feasibility and efficiency.

Key words: automated trust negotiation, security, formal analysis, applied π calculus, observational equivalence, ProVerif

Liu Xin-xin Tang Shao-hua. Formal Analysis and Verification of Security for AutomatedTrust Negotiation[J]. Journal of South China University of Technology (Natural Science Edition), 2013, 41(1): 77-82,94.

[1]	LU Yiqin, XIE Wenjing, WANG Haihan, et al. Security-Aware Scheduling Method for Time-Sensitive Networking [J]. Journal of South China University of Technology(Natural Science Edition), 2023, 51(5): 1-12.
[2]	QIN Jiancheng, ZHONG Yu, CHENG Zhe, et al. Fast Modulus Algorithm for Internet of Things Key Exchange Based on Mersenne-like Numbers [J]. Journal of South China University of Technology(Natural Science Edition), 2023, 51(5): 24-35.
[3]	WU Haowei, HUANG Fengjiao, YAN Lian, et al. Legitimate Eavesdropping Scheme for Suspicious Relay Communication Networks [J]. Journal of South China University of Technology(Natural Science Edition), 2022, 50(10): 70-79.
[4]	LIN Shunjiang, TANG Zhiqiang, XIE Yuquan, et al. Distributed Calculation of Security-Constrained Optimal Energy Flow in Integrated Power and Gas Energy Systems [J]. Journal of South China University of Technology (Natural Science Edition), 2020, 48(7): 36-46.
[5]	LU Yiqin, MAO Zhongshu, CHENG Zhe, et al. Research on SDN Topology Attack and Its Defense Mechanism [J]. Journal of South China University of Technology (Natural Science Edition), 2020, 48(11): 114-122.
[6]	JIANG Cuiling PANG Yilin LIN Jiajun KANG Zhoumao . Image Hashing Authentication Method Based on Deep Convolution Neural Network [J]. Journal of South China University of Technology (Natural Science Edition), 2018, 46(5): 53-59.
[7]	WANG Lina WANG Bo ZHAI Liming XU Yibo . JPEG Image Steganography Based on Side Information Estimation [J]. Journal of South China University of Technology(Natural Science Edition), 2018, 46(5): 9-15.
[8]	WANG Yu-fei LIU Bei-bei HU Yong-jian ZHU Mei-neng. Detection of Time Domain Forgery of H.265 /HEVC Video [J]. Journal of South China University of Technology (Natural Science Edition), 2017, 45(1): 26-34.
[9]	WEN Zhi-cheng CHEN Zhi-gang TANG Jun. Prediction of Network Security Situation on the Basis of Time Series Analysis [J]. Journal of South China University of Technology (Natural Science Edition), 2016, 44(5): 137-143,150.
[10]	KE Feng MAI Fan DENG Yuan-yi CHEN Xiao-bin. Cooperative Jamming Strategy Based on Proximal Gradient Algorithm [J]. Journal of South China University of Technology (Natural Science Edition), 2016, 44(5): 1-7.
[11]	Zhou Na-qin Qi De-yu. Parameterized Decomposition Tree-Based Obfuscation Method with Double Flattening Control Flow [J]. Journal of South China University of Technology (Natural Science Edition), 2015, 43(5): 132-138.
[12]	Deng Zhuo-ming Liu Ming-bo. Reinforcement Learning Method Applied to Multiobjective Emergency Control of Transient Voltage Security [J]. Journal of South China University of Technology (Natural Science Edition), 2015, 43(12): 9-17.
[13]	Xu Hong- yun Xu Jun Gong Yu- jing Xu Meng- zhen. Algorithms to Generate Location Privacy Area Based on Location Privacy Protection with Spatial Cloaking [J]. Journal of South China University of Technology (Natural Science Edition), 2014, 42(1): 93-103.
[14]	Luo Yu- ling Du Ming- hui. Image Encryption Algorithm Based on Quantum Logistic Map in Wavelet Domain [J]. Journal of South China University of Technology (Natural Science Edition), 2013, 41(6): 53-62.
[15]	Jin Jian-xiu Zheng Yi-feng Li Xu-qiong. Evaluation of Image Scrambling Degree Based on Block Information Entropy Variance [J]. Journal of South China University of Technology (Natural Science Edition), 2013, 41(3): 8-14.

Formal Analysis and Verification of Security for AutomatedTrust Negotiation

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments