Modeling and verifying NDN access control using CSP

Yuan Fei; Huibiao Zhu

doi:10.1007/978-3-030-02450-5_9

Modeling and verifying NDN access control using CSP

Yuan Fei
, Huibiao Zhu^*

^*Corresponding author for this work

Software Engineering Institute

East China Normal University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

10 Scopus citations

Abstract

Named Data Networking (NDN) is a new promising architecture of information-centric networking. NDN could not reuse the existing access control solutions designed for the IP architecture due to their fundamental difference of design, as well as NDNs caching property. As a result, several access control solutions have been proposed for NDN. One of them is specially for both closed and open environment. In this paper, we make the very first attempt to model and verify several important properties of NDN access control. We adopt CSP (Communicating Sequential Processes) to model the NDN access control proposed by Hamdane et al., as well as their security properties. By feeding the models into the model checker PAT (Process Analysis Toolkit), we have verified that the NDN access control cannot prevent the NK key pair faking and the data leakage with the appearance of intruders. We introduce a new method to solve these issues. Considering the situation when the entities are invaded, we also improve our method to make the NDN access control strong enough to maintain the property of key authenticity and data security in this vulnerable situation. We hope that our study would help enhancing the adaptability and robustness of the NDN access control.

Original language	English
Title of host publication	Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings
Editors	Jing Sun, Meng Sun
Publisher	Springer Verlag
Pages	143-159
Number of pages	17
ISBN (Print)	9783030024499
DOIs	https://doi.org/10.1007/978-3-030-02450-5_9
State	Published - 2018
Event	20th International Conference on Formal Engineering Methods, ICFEM 2018 - Gold Coast, Australia Duration: 12 Nov 2018 → 16 Nov 2018

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11232 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	20th International Conference on Formal Engineering Methods, ICFEM 2018
Country/Territory	Australia
City	Gold Coast
Period	12/11/18 → 16/11/18

Keywords

Access control
Modeling
Named Data Networking (NDN)
Verification

Access to Document

10.1007/978-3-030-02450-5_9

Cite this

Fei, Y., & Zhu, H. (2018). Modeling and verifying NDN access control using CSP. In J. Sun, & M. Sun (Eds.), Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings (pp. 143-159). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11232 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-02450-5_9

Fei, Yuan ; Zhu, Huibiao. / Modeling and verifying NDN access control using CSP. Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings. editor / Jing Sun ; Meng Sun. Springer Verlag, 2018. pp. 143-159 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{84b8d46ae342410f8e51bdff01dcae4f,

title = "Modeling and verifying NDN access control using CSP",

abstract = "Named Data Networking (NDN) is a new promising architecture of information-centric networking. NDN could not reuse the existing access control solutions designed for the IP architecture due to their fundamental difference of design, as well as NDNs caching property. As a result, several access control solutions have been proposed for NDN. One of them is specially for both closed and open environment. In this paper, we make the very first attempt to model and verify several important properties of NDN access control. We adopt CSP (Communicating Sequential Processes) to model the NDN access control proposed by Hamdane et al., as well as their security properties. By feeding the models into the model checker PAT (Process Analysis Toolkit), we have verified that the NDN access control cannot prevent the NK key pair faking and the data leakage with the appearance of intruders. We introduce a new method to solve these issues. Considering the situation when the entities are invaded, we also improve our method to make the NDN access control strong enough to maintain the property of key authenticity and data security in this vulnerable situation. We hope that our study would help enhancing the adaptability and robustness of the NDN access control.",

keywords = "Access control, Modeling, Named Data Networking (NDN), Verification",

author = "Yuan Fei and Huibiao Zhu",

note = "Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2018.; 20th International Conference on Formal Engineering Methods, ICFEM 2018 ; Conference date: 12-11-2018 Through 16-11-2018",

year = "2018",

doi = "10.1007/978-3-030-02450-5\_9",

language = "英语",

isbn = "9783030024499",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "143--159",

editor = "Jing Sun and Meng Sun",

booktitle = "Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings",

address = "德国",

}

Fei, Y & Zhu, H 2018, Modeling and verifying NDN access control using CSP. in J Sun & M Sun (eds), Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11232 LNCS, Springer Verlag, pp. 143-159, 20th International Conference on Formal Engineering Methods, ICFEM 2018, Gold Coast, Australia, 12/11/18. https://doi.org/10.1007/978-3-030-02450-5_9

Modeling and verifying NDN access control using CSP. / Fei, Yuan; Zhu, Huibiao.
Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings. ed. / Jing Sun; Meng Sun. Springer Verlag, 2018. p. 143-159 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11232 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Modeling and verifying NDN access control using CSP

AU - Fei, Yuan

AU - Zhu, Huibiao

N1 - Publisher Copyright: © Springer Nature Switzerland AG 2018.

PY - 2018

Y1 - 2018

N2 - Named Data Networking (NDN) is a new promising architecture of information-centric networking. NDN could not reuse the existing access control solutions designed for the IP architecture due to their fundamental difference of design, as well as NDNs caching property. As a result, several access control solutions have been proposed for NDN. One of them is specially for both closed and open environment. In this paper, we make the very first attempt to model and verify several important properties of NDN access control. We adopt CSP (Communicating Sequential Processes) to model the NDN access control proposed by Hamdane et al., as well as their security properties. By feeding the models into the model checker PAT (Process Analysis Toolkit), we have verified that the NDN access control cannot prevent the NK key pair faking and the data leakage with the appearance of intruders. We introduce a new method to solve these issues. Considering the situation when the entities are invaded, we also improve our method to make the NDN access control strong enough to maintain the property of key authenticity and data security in this vulnerable situation. We hope that our study would help enhancing the adaptability and robustness of the NDN access control.

AB - Named Data Networking (NDN) is a new promising architecture of information-centric networking. NDN could not reuse the existing access control solutions designed for the IP architecture due to their fundamental difference of design, as well as NDNs caching property. As a result, several access control solutions have been proposed for NDN. One of them is specially for both closed and open environment. In this paper, we make the very first attempt to model and verify several important properties of NDN access control. We adopt CSP (Communicating Sequential Processes) to model the NDN access control proposed by Hamdane et al., as well as their security properties. By feeding the models into the model checker PAT (Process Analysis Toolkit), we have verified that the NDN access control cannot prevent the NK key pair faking and the data leakage with the appearance of intruders. We introduce a new method to solve these issues. Considering the situation when the entities are invaded, we also improve our method to make the NDN access control strong enough to maintain the property of key authenticity and data security in this vulnerable situation. We hope that our study would help enhancing the adaptability and robustness of the NDN access control.

KW - Access control

KW - Modeling

KW - Named Data Networking (NDN)

KW - Verification

UR - https://www.scopus.com/pages/publications/85056831371

U2 - 10.1007/978-3-030-02450-5_9

DO - 10.1007/978-3-030-02450-5_9

M3 - 会议稿件

AN - SCOPUS:85056831371

SN - 9783030024499

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 143

EP - 159

BT - Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings

A2 - Sun, Jing

A2 - Sun, Meng

PB - Springer Verlag

T2 - 20th International Conference on Formal Engineering Methods, ICFEM 2018

Y2 - 12 November 2018 through 16 November 2018

ER -

Fei Y, Zhu H. Modeling and verifying NDN access control using CSP. In Sun J, Sun M, editors, Formal Methods and Software Engineering - 20th International Conference on Formal Engineering Methods, ICFEM 2018, Proceedings. Springer Verlag. 2018. p. 143-159. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-02450-5_9

Modeling and verifying NDN access control using CSP

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this