Validating the Security of Medusa: A survivability protocol for security systems

Wiebe Wiechers, Semir Daskapan

2005

Abstract

In this paper a new approach for enabling survivable secure communications in multi agent systems is validated through CSP/FDR state analysis. The security validation of this approach centers around three security properties: confidentiality, integrity and authentication. Requirements for these security properties are defined for every message generated by this security protocol during its life cycle. A logical analysis of these requirements is followed by a thorough security validation, based on a model-checking CSP/FDR analysis. Both analyses show that with minor modifications the protocol is able to deliver on its security requirements for the three tested security properties. Finally, the protocol is optimized with possible improvements that increase its efficiency whilst maintaining the security requirements.

References

  1. Birman, K. The Process Group Approach to Reliable Distributed Computing, In Communications of the ACM, 36(12), 1993, 37-53.
  2. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D. The Role of Trust Management in Distributed Systems Security, Secure Internet Programming, J.Vitek, C. Jensen, ed., Springer-Verlag, 1999, 185-210.
  3. Cachin, C. and J. Poritz (2002). Secure Intrusion Tolerant Replication on the Internet, International Conference on Dependable Systems and Networks, Washington.
  4. Capkun, S., ButtyƔn, L., Hubaux, J.P. Self-Organized Public-Key Management for Mobile Ad Hoc Networks, IEEE Transactions on Mobile Computing, Vol. 2(1), 2003.
  5. Daskapan, S. Dependable security by twisted secret sharing, 19th IFIP Information Security Conference, Toulouse, 2004.
  6. Daskapan, S., Verbraeck, A., Vree, W.G. The merge of computing paradigms, 5th Int.Conf. on computer and information technology, Dhaka, 2002, 553-558.
  7. Daskapan, S., Vree, W.G., Sol, H.G. Building a Distributed Security Defence System. In Proc of the IEEE Int Conf. on Systems, Man & Cybernetics, Delft, 2004.
  8. Dolev, D., Yao, A.C. On the Security of Public Key Protocols, IEEE Transactions on Information Theory, 29(2), 1983.
  9. Donovan, B., Norris, P., Lowe G., Analyzing a library of security protocols using casper and FDR. In Proceedings of the Workshop on Formal Methods and Security Protocols, 1999
  10. Ellison, R., Fisher, D., Linger, R., Lipson, H., Longstaff T., Mead, N. Survivable network systems: An emerging discipline, Tech. Report CMU/SEI-97-153, CMU, Pittsburgh, 1997.
  11. Gong , L. (1993). "Increasing Availability and Security of an Authentication Service." IEEE Journal on Selected Areas in Communications 11(5): 657-662
  12. Hoare, C.A.R. Communicating Sequential Processes, MIT Press, 1988.
  13. Reiter, M. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart, In Proceedings of 2nd ACM Conf. on Comp. and Comm. Security, ACM, 1994, 68-80.
  14. Renesse, R. van, Birman, K., Maffeis, S. Horus: A Flexible Group Communication system, In Communications of the ACM, 39(4), 1996, 76-83.
  15. Roscoe, A.W. The Theory and Practice of Concurrency, Prentice-Hall, 1997.
  16. Ryan, P. Y. A., Schneider, S. A. The Modelling and Analysis of Security Protocols: the CSP Approach. Addison Wesley Publ. Co., Reading, Massachussetts, 2000.
  17. Schneider, S.A., Concurrent and Real Time Systems: the CSP Approach,AddisonWesley,1999.
  18. Shamir, A., How to Share a Secret, Communications of the ACM 22(11), 1979.
  19. Wiechers, W.K., Daskapan, S., Vree, W.G. Simulating the Establishment of Trust Infrastructures in Multi-Agent Systems, In 6h Int. Conference on E-Commerce, Delft 2004.
  20. Zhou, L., Haas, Z. J. Securing Ad Hoc Networks, IEEE Network Magazine, Vol. 13(6), 1999 21. Zimmermann, R. The Official PGP User's Guide, MIT Press, Cambridge, 1995.
Download


Paper Citation


in Harvard Style

Wiechers W. and Daskapan S. (2005). Validating the Security of Medusa: A survivability protocol for security systems . In Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005) ISBN 972-8865-25-2, pages 319-330. DOI: 10.5220/0002565503190330


in Bibtex Style

@conference{wosis05,
author={Wiebe Wiechers and Semir Daskapan},
title={Validating the Security of Medusa: A survivability protocol for security systems},
booktitle={Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005)},
year={2005},
pages={319-330},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002565503190330},
isbn={972-8865-25-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005)
TI - Validating the Security of Medusa: A survivability protocol for security systems
SN - 972-8865-25-2
AU - Wiechers W.
AU - Daskapan S.
PY - 2005
SP - 319
EP - 330
DO - 10.5220/0002565503190330