Modular preservation of safety properties by cookie-based DoS-protection wrappers

Rohit Chadha; Carl A. Gunter; Jose Meseguer; Ravinder Shankesi; Mahesh Viswanathan

doi:10.1007/978-3-540-68863-1_4

Modular preservation of safety properties by cookie-based DoS-protection wrappers

Rohit Chadha, Carl A. Gunter, Jose Meseguer, Ravinder Shankesi, Mahesh Viswanathan

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Current research on verifying security properties of communication protocols has focused on proving integrity and confidentiality using models that include a strong Man-in-the-Middle (MitM) threat. By contrast, protection measures against Denial-of-Service (DoS) must assume a weaker model in which an adversary has only limited ability to interfere with network communications. In this paper we demonstrate a modular reasoning framework in which a protocol that satisfies certain security properties can be assured to retain these properties after it is "wrapped" in a protocol that adds DoS protection. This modular wrapping is based on the "onion skin" model of actor reflection. In particular, we show how a common DoS protection mechanism based on cookies can be applied to a protocol while provably preserving safety properties (including confidentiality and integrity) that it was shown to have in a MitM threat model.

Original language	English (US)
Title of host publication	Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings
Pages	39-58
Number of pages	20
DOIs	https://doi.org/10.1007/978-3-540-68863-1_4
State	Published - 2008
Event	10th IFIP WG 6.1 International Conference on Formal Methods for Open Object-Based Distributed Systems, FMOODS 2008 - Oslo, Norway Duration: Jun 4 2008 → Jun 6 2008

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5051 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	10th IFIP WG 6.1 International Conference on Formal Methods for Open Object-Based Distributed Systems, FMOODS 2008
Country/Territory	Norway
City	Oslo
Period	6/4/08 → 6/6/08

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Online availability

10.1007/978-3-540-68863-1_4

Library availability

Discover UIUC Full Text

Cite this

Chadha, R., Gunter, C. A., Meseguer, J., Shankesi, R., & Viswanathan, M. (2008). Modular preservation of safety properties by cookie-based DoS-protection wrappers. In Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings (pp. 39-58). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5051 LNCS). https://doi.org/10.1007/978-3-540-68863-1_4

Modular preservation of safety properties by cookie-based DoS-protection wrappers. / Chadha, Rohit; Gunter, Carl A.; Meseguer, Jose et al.
Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings. 2008. p. 39-58 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5051 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Chadha, R, Gunter, CA , Meseguer, J, Shankesi, R & Viswanathan, M 2008, Modular preservation of safety properties by cookie-based DoS-protection wrappers. in Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5051 LNCS, pp. 39-58, 10th IFIP WG 6.1 International Conference on Formal Methods for Open Object-Based Distributed Systems, FMOODS 2008, Oslo, Norway, 6/4/08. https://doi.org/10.1007/978-3-540-68863-1_4

Chadha R, Gunter CA , Meseguer J, Shankesi R, Viswanathan M. Modular preservation of safety properties by cookie-based DoS-protection wrappers. In Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings. 2008. p. 39-58. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-68863-1_4

Chadha, Rohit ; Gunter, Carl A. ; Meseguer, Jose et al. / Modular preservation of safety properties by cookie-based DoS-protection wrappers. Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings. 2008. pp. 39-58 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{43fe5694ee24471081065f0f02019f10,

title = "Modular preservation of safety properties by cookie-based DoS-protection wrappers",

abstract = "Current research on verifying security properties of communication protocols has focused on proving integrity and confidentiality using models that include a strong Man-in-the-Middle (MitM) threat. By contrast, protection measures against Denial-of-Service (DoS) must assume a weaker model in which an adversary has only limited ability to interfere with network communications. In this paper we demonstrate a modular reasoning framework in which a protocol that satisfies certain security properties can be assured to retain these properties after it is {"}wrapped{"} in a protocol that adds DoS protection. This modular wrapping is based on the {"}onion skin{"} model of actor reflection. In particular, we show how a common DoS protection mechanism based on cookies can be applied to a protocol while provably preserving safety properties (including confidentiality and integrity) that it was shown to have in a MitM threat model.",

author = "Rohit Chadha and Gunter, {Carl A.} and Jose Meseguer and Ravinder Shankesi and Mahesh Viswanathan",

year = "2008",

doi = "10.1007/978-3-540-68863-1_4",

language = "English (US)",

isbn = "3540688625",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "39--58",

booktitle = "Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings",

note = "10th IFIP WG 6.1 International Conference on Formal Methods for Open Object-Based Distributed Systems, FMOODS 2008 ; Conference date: 04-06-2008 Through 06-06-2008",

}

TY - GEN

T1 - Modular preservation of safety properties by cookie-based DoS-protection wrappers

AU - Chadha, Rohit

AU - Gunter, Carl A.

AU - Meseguer, Jose

AU - Shankesi, Ravinder

AU - Viswanathan, Mahesh

PY - 2008

Y1 - 2008

N2 - Current research on verifying security properties of communication protocols has focused on proving integrity and confidentiality using models that include a strong Man-in-the-Middle (MitM) threat. By contrast, protection measures against Denial-of-Service (DoS) must assume a weaker model in which an adversary has only limited ability to interfere with network communications. In this paper we demonstrate a modular reasoning framework in which a protocol that satisfies certain security properties can be assured to retain these properties after it is "wrapped" in a protocol that adds DoS protection. This modular wrapping is based on the "onion skin" model of actor reflection. In particular, we show how a common DoS protection mechanism based on cookies can be applied to a protocol while provably preserving safety properties (including confidentiality and integrity) that it was shown to have in a MitM threat model.

AB - Current research on verifying security properties of communication protocols has focused on proving integrity and confidentiality using models that include a strong Man-in-the-Middle (MitM) threat. By contrast, protection measures against Denial-of-Service (DoS) must assume a weaker model in which an adversary has only limited ability to interfere with network communications. In this paper we demonstrate a modular reasoning framework in which a protocol that satisfies certain security properties can be assured to retain these properties after it is "wrapped" in a protocol that adds DoS protection. This modular wrapping is based on the "onion skin" model of actor reflection. In particular, we show how a common DoS protection mechanism based on cookies can be applied to a protocol while provably preserving safety properties (including confidentiality and integrity) that it was shown to have in a MitM threat model.

UR - http://www.scopus.com/inward/record.url?scp=46049086600&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=46049086600&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-68863-1_4

DO - 10.1007/978-3-540-68863-1_4

M3 - Conference contribution

AN - SCOPUS:46049086600

SN - 3540688625

SN - 9783540688624

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 39

EP - 58

BT - Formal Methods for Open Object-Based Distributed Systems - 10th IFIP WG 6.1 International Conference, FMOODS 2008, Proceedings

T2 - 10th IFIP WG 6.1 International Conference on Formal Methods for Open Object-Based Distributed Systems, FMOODS 2008

Y2 - 4 June 2008 through 6 June 2008

ER -

Modular preservation of safety properties by cookie-based DoS-protection wrappers

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this