The AnBx compiler is a tool for automatic generation of Java implementations of security protocols specified in a simple and abstract model that can be formally verified. In our model-driven development approach, protocols are described in AnBx , an extension of the Alice & Bob notation. Along with the synthesis of consistency checks, the tool analyses the security goals and produces annotations that allow the verification of the generated implementation with ProVerif.
The rapid advancement of internet technologies has dramatically increased the number of connected devices. This has created a huge attack surface that requires the deployment of effective and practical countermeasures to protect network infrastructures from the harm that cyber-attacks can cause. Hence, there is an absolute need to differentiate boundaries in personal information and cloud and fog computing globally and the adoption of specific information security policies and regulations. The goal of the security policy and framework for cloud and fog computing is to protect the end-users and their information, reduce task-based operations, aid in compliance, and create standards for expected user actions, all of which are based on the use of established rules for cloud computing. Moreover, intrusion detection systems are widely adopted solutions to monitor and analyze network traffic and detect anomalies that can help identify ongoing adversarial activities, trigger alerts, and automatically block traffic from hostile sources. This survey paper analyzes factors, including the application of technologies and techniques, which can enable the deployment of security policy on fog and cloud computing successfully. The paper focuses on a Software-as-a-Service (SaaS) and intrusion detection, which provides an effective and resilient system structure for users and organizations. Our survey aims to provide a framework for a cloud and fog computing security policy, while addressing the required security tools, policies, and services, particularly for cloud and fog environments for organizational adoption. While developing the essential linkage between requirements, legal aspects, analyzing techniques and systems to reduce intrusion detection, we recommend the strategies for cloud and fog computing security policies. The paper develops structured guidelines for ways in which organizations can adopt and audit the security of their systems as security is an essential component of their systems and presents an agile current state-of-the-art review of intrusion detection systems and their principles. Functionalities and techniques for developing these defense mechanisms are considered, along with concrete products utilized in operational systems. Finally, we discuss evaluation criteria and open-ended challenges in this area.
Abstract. We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that any security protocol that fulfils a number of sufficient conditions has an attack if it has a well-typed attack. The second kind considers the parallel composition of protocols, showing that when running two protocols in parallel allows for an attack, then at least one of the protocols has an attack in isolation. The most important generalization over previous work is the support for all security properties of the geometric fragment.
Designing distributed protocols is complex and requires actions at very different levels: from the design of an interaction flow supporting the desired application-specific guarantees, to the selection of the most appropriate network-level protection mechanisms. To tame this complexity, we propose AnBx , a formal protocol specification language based on the popular Alice & Bob notation. AnBx offers channels as the main abstraction for communication, providing different authenticity and/or confidentiality guarantees for message transmission. AnBx extends existing proposals in the literature with a novel notion of forwarding channels, enforcing specific security guarantees from the message originator to the final recipient along a number of intermediate forwarding agents. We give a formal semantics of AnBx in terms of a state transition system expressed in the AVISPA Intermediate Format. We devise an ideal channel model and a possible cryptographic implementation, and we show that, under mild restrictions, the two representations coincide, thus making AnBx amenable to automated verification with different tools. We demonstrate the benefits of the declarative specification style distinctive of AnBx by revisiting the design of two existing e-payment protocols, iKP and SET.
The implementation of security protocols is challenging and error-prone, as experience has proved that even widely used and heavily tested protocols like TLS and SSH need to be patched every year due to low-level implementation bugs. A model-driven development approach allows automatic generation of an application, from a simpler and abstract model that can be formally verified. In this work we present the AnBx compiler, a tool for automatic generation of Java code of security protocols specified in the popular Alice & Bob notation, suitable for agile prototyping. In contrast with the existing tools, the AnBx compiler uses a simpler specification language and computes the consistency checks that agents has to perform on reception of messages. This is an important feature for robust implementations. Moreover, the tool applies various optimization strategies to achieve efficiency both at compile time and at run time. A support library interfaces the Java Cryptographic Architecture allowing for easy customization of the application. AbstractThe implementation of security protocols is challenging and error-prone, as experience has proved that even widely used and heavily tested protocols like TLS and SSH need to be patched every year due to low-level implementation bugs. A model-driven development approach allows automatic generation of an application, from a simpler and abstract model that can be formally verified. In this work we present the AnBx compiler, a tool for automatic generation of Java code of security protocols specified in the popular Alice & Bob notation, suitable for agile prototyping. In contrast with the existing tools, the AnBx compiler uses a simpler specification language and computes the consistency checks that agents has to perform on reception of messages. This is an important feature for robust implementations. Moreover, the tool applies various optimization strategies to achieve efficiency both at compile time and at run time. A support library interfaces the Java Cryptographic Architecture allowing for easy customization of the application. About the authors Suggested keywords SECURITY PROTOCOLS JAVA CODE GENERATION APPLIED FORMAL METHODSEfficient Java Code Generation of Security Protocols specified in AnB/AnBx Paolo ModestiSchool of Computing Science, Newcastle University, UK paolo.modesti@newcastle.ac.ukAbstract. The implementation of security protocols is challenging and error-prone, as experience has shown that even widely used and heavily tested protocols like TLS and SSH need to be patched every year due to low-level implementation bugs. A model-driven development approach allows the automatic generation of an application, from a simpler and abstract model that can be formally verified. In this work we present the AnBx compiler, a tool for automatic generation of Java code of security protocols specified in the popular Alice & Bob notation, suitable for agile prototyping. In contrast with existing tools, the AnBx compiler uses a simpler specification language and computes t...
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.