SAT-based model-checking for security protocols analysis

Armando, Alessandro; Compagna, Luca

doi:10.1007/s10207-007-0041-y

Cited by 80 publications

(65 citation statements)

References 58 publications

(86 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…SATMC [5,6] is one of the back-ends of the AVISPA Tool [13] and has been key to the discovery of serious flaws in security protocols [14,15]. Given a planning system P S, an LTL formula φ, and a positive integer k as input, SATMC builds a propositional formula whose models (if any) correspond to initialized execution paths χ of P S of length at most k such that χ |= φ.…”

Section: From Access-controlled Workflow Systems To Planning Systemsmentioning

confidence: 99%

See 1 more Smart Citation

Model Checking of Security-Sensitive Business Processes

Armando

Ponta

2010

Formal Aspects in Security and Trust

Self Cite

View full text Add to dashboard Cite

Abstract. Security-sensitive business processes are business processes that must comply with security requirements (e.g. authorization constraints). In previous works it has been shown that model checking can be profitably used for the automatic analysis of security-sensitive business processes. But building a formal model that simultaneously accounts for both the workflow and the access control policy is a time consuming and error-prone activity. In this paper we present a new approach to model checking security-sensitive business processes that allows for the separate specification of the workflow and of the associated security policy while retaining the ability to carry out a fully automatic analysis of the process. To illustrate the effectiveness of the approach we describe its application to a version of the Loan Origination Process featuring an RBAC access control policy extended with delegation.

show abstract

Section: From Access-controlled Workflow Systems To Planning Systemsmentioning

confidence: 99%

“…By using SATMC [5,6], a model checker for planning systems, we have detected serious flaws in our original specification of the LOP and this has led us to the definition of a new, improved version of the business process.…”

Section: Introductionmentioning

confidence: 99%

Model Checking of Security-Sensitive Business Processes

Armando

Ponta

2010

Formal Aspects in Security and Trust

Self Cite

View full text Add to dashboard Cite

show abstract

“…Both assumptions are violated by the model checking problem we consider, since (i) the models we consider are defined over a set of states which is not bounded a priori and (ii) first-order LTL formulae are allowed. In [9] we showed that the first problem can be tackled by computing a planning graph of the problem of depth k. A planning graph [17] (module Planning Graph Generator) is a succinct representation of an overapproximation of the states reachable in k steps. The planning graph is also key to reducing the first-order LTL formula (C ⇒ G) to an equivalent (in a sense that will be defined later) propositional LTL formula (via the Goal Grounding module) which is then reduced to SAT using techniques developed for bounded model checking of reactive systems [14] (via the PLTL2SAT module).…”

Section: Ltl Formula Confidential To(c P) G ∀(Rcvd(a B M C) ⇒ a =mentioning

confidence: 99%

“…, k, where each layer Γ i is a set of facts concisely representing the set of states Γ i = {S : S ⊆ Γ i }. The construction of a planning graph for M goes beyond the scope of this paper and the interested reader is referred to [9] for more details. For the purpose of this paper it suffices to know that (i) Γ 0 is set to the initial state of M , (ii) if S is reachable from the initial state of M in i steps, then S ∈ Γ i (or equivalently S ⊆ Γ i ) for i = 0, .…”

Section: Sat-based Model Checking Of Security-critical Systemsmentioning

confidence: 99%

See 1 more Smart Citation

SATMC: A SAT-Based Model Checker for Security-Critical Systems

Armando

Carbone

Compagna³

2014

Tools and Algorithms for the Construction and Analysis of Systems

Self Cite

View full text Add to dashboard Cite

Abstract. We present SATMC 3.0, a SAT-based bounded model checker for security-critical systems that stems from a successful combination of encoding techniques originally developed for planning with techniques developed for the analysis of reactive systems. SATMC has been successfully applied in a variety of application domains (security protocols, securitysensitive business processes, and cryptographic APIs) and for different purposes (design-time security analysis and security testing). SATMC strikes a balance between general purpose model checkers and security protocol analyzers as witnessed by a number of important success stories including the discovery of a serious man-in-the-middle attack on the SAML-based Single Sign-On (SSO) for Google Apps, an authentication flaw in the SAML 2.0 Web Browser SSO Profile, and a number of attacks on PKCS#11 Security Tokens. SATMC is integrated and used as back-end in a number of research prototypes (e.g., the AVISPA Tool, Tookan, the SPaCIoS Tool) and industrial-strength tools (e.g., the Security Validator plugin for SAP NetWeaver BPM).

show abstract

Model‐based mutation testing from security protocols in HLPSL

Dadeau

Héam

Kheddam

et al. 2014

Software Testing Verif & Rel

View full text Add to dashboard Cite

International audienceIn recent years, important efforts have been made for offering a dedicated language for modelling and verifying security protocols. Outcome of the European project AVISPA, the high-level security protocol language (HLPSL) aims at providing a means for verifying usual security properties (such as data secrecy) in message exchanges between agents. However, verifying the security protocol model does not guarantee that the actual implementation of the protocol will fulfil these properties. This article presents a model-based testing approach, relying on the mutation of HLPSL models to generate abstract test cases. The proposed mutations aim at introducing leaks in the security protocols and represent real-world implementation errors. The mutated models are then analysed by the automated validation of Internet security protocols and applications tool set, which produces, when the mutant protocol is declared unsafe, counterexample traces exploiting the security flaws and, thus, providing test cases. A dedicated framework is then used to concretize the abstract attack traces, bridging the gap between the formal model level and the implementation level. This model-based testing technique has been experimented on a wide range of security protocols, in order to evaluate the mutation operators. This process has also been fully tool-supported, from the mutation of the HLPSL model to the concretization of the abstract test cases into test scripts. It has been applied to a realistic case study of the Paypal payment protocol, which made it possible to discover a vulnerability in an implementation of an e-commerce framework

show abstract

SAT-based model-checking for security protocols analysis

Cited by 80 publications

References 58 publications

Model Checking of Security-Sensitive Business Processes

Model Checking of Security-Sensitive Business Processes

SATMC: A SAT-Based Model Checker for Security-Critical Systems

Model‐based mutation testing from security protocols in HLPSL

Contact Info

Product

Resources

About