共查询到20条相似文献,搜索用时 171 毫秒
1.
在以Lu&Smolka对SET协议支付过程的简化模型为研究对象的情况下,进行形式化建模和有限状态机模型。同时应用CTL对相应的安全性质进行形式描述,并在网络环境被入侵者控制的假设下,利用SMV分析了协议的认证性、保密性和完整性,发现攻击并对该攻击所产生的影响进行了讨论。最后修改其协议模型对改进后的协议进行分析和检验,说明了SET协议独具特色的双重签名在整个协议运行中至关重要。 相似文献
2.
3.
P2P是构筑于互联网的大规模分布计算协议,采用形式化方法对P2P协议的本质原理进行分析,将有助于P2P协议的优化和改进。本文采用抽象状态机(ASM)对经典P2P协议Chord进行分析,用基于抽象状态机语言(Asml)对其建模,设计了核心运行规则,并得到了该协议的有限状态机模型。本文的工作有助于分析、优化P2P协议。 相似文献
4.
基于有限状态机仿真模型因其外部环境的复杂交互关系,而难以完整复现其状态变迁过程,更难对模型进行校核与检验;而模型校核对于确保仿真的可信度十分重要。本文从分析基于有限状态机的仿真对象模型状态变迁及公共调用接口出发,将有限状态机模型的公共接口区分为参数注入方法集、参数提取方法集和无参数方法集。并在此基础上,提出并实现了对有限状态机模型接口输入集进行窥视和顶替的校核策略。实验表明,在满足若干禁入规则的条件下,该方法能够完整复现有限状态机模型的状态变迁过程,从而可为实现可校核与可检验有限状态机模型提供建模框架。 相似文献
5.
6.
为保证移动支付安全、顺利进行,必须采用安全的移动支付协议。针对计算和存储能力有限的移动设备和不可靠的移动环境,选择采用对称加密的轻量级移动支付协议PCMS,使用串空间理论对其建模,进行形式化分析。通过图的方式直观描述协议的执行过程,分析协议安全目标,基于串空间理论的认证测试方法,对该协议的公平性形式化分析。针对PCMS协议不满足公平性,提出增加时间戳来解决,同时增加一个退款子协议完成后续退款操作。结合模型检测工具验证分析,结果表明,改进后的协议满足公平性。 相似文献
7.
8.
为解决传统移动微支付协议因注重效率而导致协议存在安全隐患的缺陷,根据移动电子商务所应具备的安全性,通过对移动微支付协议Millicent的研究,发现其存在严重的用户欺骗问题。针对该协议存在的不足,增加商家与用户间的确认过程,使协议具有不可否认性。最后,对改进的移动微支付协议Millicent建模并使用SMV模型检测工具进行分析。分析结果表明,改进的协议除具有原协议的保密性和认证性外还具有不否认性和公平性,相比原协议更优越。 相似文献
9.
按需组播路由协议(ODMRP)是一种针对移动自组织网络的组播路由协议,该协议在源节点和接收节点之间建立网格进行数据传输,具有冗余路径、不依赖单播路由、健壮性高等特点.目前尚缺乏对于ODMRP的建模和仿真研究.针对此问题,基于OPNET仿真环境完成了对ODMRP的建模,建立了该协议的有限状态机(FSM)、节点模型、网络模型以及包格式,基于C语言编程实现了路由的建立、更新、维护和数据传输过程.通过设置不同的参数和统计量,仿真检验了协议性能,包括网络的端到端延时和数据包递交率与节点移动速度和组播组尺寸之间的定量关系,证明了所建立的协议模型的功能正确性.仿真结果表明,ODMRP协议适用于诸如战场通信、灾难救助、体育比赛、大型会展等需要临时组网进行组播通信的应用场合. 相似文献
10.
网络协议的逆向分析技术无论对可信软件的验证、保护还是对恶意软件机理的分析都具有重要用途。由于协议的内在复杂性,重构与其源程序一致的高级模型对分析尤为有益,其中又以有限状态机模型最为典型。建立一种重构网络协议状态机模型的有效方法,主要依据所记录的协议会话的消息流及协议软件实际执行的指令流,通过对指令流反编译并应用改进的形式分析及验证技术构建出状态对象、转移关系及状态转移条件。该方法从协议的会话实例重构出充分一般的状态机模型,效率可行并具有逻辑上可证明的精确性。在详细阐述理论基础之后,也讨论了该方法的实现和应用。 相似文献
11.
Considering the low-power computing capability of mobile devices, the security scheme design is a nontrivial challenge. The identity (ID)-based public-key system with bilinear pairings defined on elliptic curves offers a flexible approach to achieve simplifying the certificate management. In the past, many user authentication schemes with bilinear pairings have been proposed. In 2009, Goriparthi et al. also proposed a new user authentication scheme for mobile client–server environment. However, these schemes do not provide mutual authentication and key exchange between the client and the server that are necessary for mobile wireless networks. In this paper, we present a new user authentication and key exchange protocol using bilinear pairings for mobile client–server environment. As compared with the recently proposed pairing-based user authentication schemes, our protocol provides both mutual authentication and key exchange. Performance analysis is made to show that our presented protocol is well suited for mobile client–server environment. Security analysis is given to demonstrate that our proposed protocol is provably secure against previous attacks. 相似文献
12.
In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile networks including the denial-of-service attacks and man-in-the-middle attacks. In particular, in contrast to some previous work, our design gives users a chance to set a session key according to users' will, and does not require a mobile user to compute useless hash key chains in the face of HLR-online authentication failures or run the initial authentication protocol before HLR-offline authentication. Moreover, our design enjoys both computation efficiency and communication efficiency as compared to known mobile authentication schemes. 相似文献
13.
Weigang Wu Cao J. Raynal M. 《Parallel and Distributed Systems, IEEE Transactions on》2009,20(6):753-765
This paper proposes a modular approach to the design of hierarchical consensus protocols for the mobile ad hoc network with a static and known set of hosts. A two-layer hierarchy is imposed on the network by grouping mobile hosts into clusters, each with a clusterhead. The messages from and to the hosts in the same cluster are merged/unmerged by the clusterhead so as to reduce the message cost and improve the scalability. The proposed modular approach separates the concerns of clustering hosts from achieving consensus. A clustering function, called eventual clusterer (denoted as diamC), is designed for constructing and maintaining the two-layer hierarchy. Similar to unreliable failure detectors, diamC greatly facilitates the design of hierarchical protocols by providing the fault-tolerant clustering function transparently. We propose an implementation of diamC based on the failure detector diamS. Using diamC, we design a new hierarchical consensus protocol. As shown by the performance evaluation results, the proposed consensus protocol can save both message cost and time cost. Our proposed modular design is therefore effective and can lead to efficient solutions to achieving consensus in mobile ad hoc networks. 相似文献
14.
Hang Tu Neeraj Kumar Debiao He Jongsung Kim Changhoon Lee 《The Journal of supercomputing》2014,70(1):224-235
With the rapid development of wireless mobile communication, the password-based three-party authenticated key exchange protocol has attracted an increasing amount of attention. To generate more session keys at one time for different applications, Li et al. proposed a password-based three-party authenticated multiple key exchange (3PAMKE) protocol for wireless mobile networks. They claimed that their protocol could withstand various attacks. In this paper, we will show Li et al.’s protocol is not secure off-line password guessing. Furthermore, we proposed an improved 3PAMKE protocol to overcome weakness in Li et al.’s protocol. Security analysis and performance analysis shows our protocol not only overcomes security weakness, but also has better performance. Therefore, our protocol is more suitable for wireless mobile networks. 相似文献
15.
As a smart phone becomes a daily necessity, mobile services are springing up. A mobile user should be authenticated and authorized before accessing these mobile services. Generally, mobile user authentication is a method which is used to validate the legitimacy of a mobile login user. As the rapid booming of computer networks, multi-server architecture has been pervasive in many network environments. Much recent research has been focused on proposing password-based remote user authentication protocols using smart cards for multi-server environments. To protect the privacy of users, many dynamic identity based remote user authentication protocols were proposed. In 2009, Hsiang and Shih claimed their protocol is efficient, secure, and suitable for the practical application environment. However, Sood et al. pointed out Hsiang et al.’s protocol is susceptible to replay attack, impersonation attack and stolen smart card attack. Moreover, the password change phase of Hsiang et al.’s protocol is incorrect. Thus, Sood et al. proposed an improved protocol claimed to be practical and computationally efficient. Nevertheless, Li et al. found that Sood et al.’s protocol is still vulnerable to leak-of-verifier attack, stolen smart card attack and impersonation attack and consequently proposed an improvement to remove the aforementioned weaknesses. In 2012, Liao et al. proposed a novel pairing-based remote user authentication protocol for multi-server environment, the scheme based on elliptic curve cryptosystem is more secure and efficient. However, through careful analyses, we find that Liao et al.’s protocol is still susceptible to the trace attack. Besides, Liao et al.’s protocol is inefficient since each service server has to update its ID table periodically. In this paper, we propose an improved protocol to solve these weaknesses. By enhancing the security, the improved protocol is well suited for the practical environment. 相似文献
16.
17.
Chao-Wen Chang~ 《国际自动化与计算杂志》2008,5(2):202-207
According to the security requirement of the short message service (SMS) industry application, a secure short message communication protocol is proposed. This is an application level protocol constructed on the standard SMS communication protocol using public key authentication and key agreement without the need of wireless public key infrastructure (WPKI). Secure short message transmission and dynamic key agreement between mobile terminals and the accessing gateway axe realized. The security of the proposed protocol is validated through the BAN logic. Compared with the standard SMS protocol, the effective payload rate of our protocol can reach 91.4%, and subscriber identity module (SIM) tool kit (STK) applications based on our protocol suit well for all kinds of mobile terminals in practical application. 相似文献
18.
《Journal of Parallel and Distributed Computing》2006,66(7):887-906
The rapid growth of heterogeneous devices and diverse networks in our daily life, makes it is very difficult, if not impossible, to build a one-size-fits-all application or protocol, which can run well in such a dynamic environment. Adaptation has been considered as a general approach to address the mismatch problem between clients and servers; however, we envision that the missing part, which is also a big challenge, is how to inject and deploy adaptation functionality into the environment. In this paper we propose a novel application level protocol adaptation framework, Fractal, which uses the mobile code technology for protocol adaptation and leverages existing content distribution networks (CDN) for protocol adaptors (mobile codes) deployment. To the best of our knowledge, Fractal is the first application level protocol adaptation framework that considers the real deployment problem using mobile code and CDN. To evaluate the proposed framework, we have implemented two case studies: an adaptive message encryption protocol and an adaptive communication optimization protocol. In the adaptive message encryption protocol, Fractal always chooses a proper encryption algorithm according to different application requirements and device characteristics. And the adaptive communication optimization protocol is capable of dynamically selecting the best one from four communication protocols, including Direct sending, Gzip, Bitmap, and Vary-sized blocking, for different hardware and network configurations. In comparison with other adaptation approaches, evaluation results show the proposed adaptive approach performs very well on both the client side and server side. For some clients, the total communication overhead reduces 41% compared with no protocol adaptation mechanism, and 14% compared with the static protocol adaptation approach. 相似文献
19.
《Journal of Parallel and Distributed Computing》2000,60(4):510-520
This paper addresses the problem of providing quality of service (QoS) support and routing for wireless networks in the presence of user mobility. The proposed architecture is hierarchical where cells (the basic region of mobile coverage) are organized into QoS/routing domains. The QoS mechanism is based on our earlier work, which follows the integrated services approach with reservation protocol and class-based queueing used for signaling and scheduling, respectively. The routing mechanism proposed in this paper is integrated with the above QoS mechanism and uses a combination of mobile IP, fast route table updates, and proxy address resolution protocol. The architecture and mechanisms have been implemented in a wireless and mobile test bed that uses Lucent WaveLAN cards. Experimental results from this test bed are presented to show the validity of the architecture and to discuss basic system performance. 相似文献
20.
移动自组网是一种新型的无基站无线移动网络,多播作为通信网络中的重要功能,在这种网络中具有很高的研究及使用价值.针对移动自组网的特性,提出了基于动态蜂窝的多播路由协议.该协议将移动结点组织成动态蜂窝,然后在此基础上以按需的方式建立网格结构的多播路由发送多播数据.仿真实验结果表明该协议具有延迟小、可靠、高效、扩展性强的特点. 相似文献