PANA认证与授权协议的形式化分析

2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies Pub Date : 2008-12-01 DOI:10.1109/PDCAT.2008.12

S. Gordon

{"title":"PANA认证与授权协议的形式化分析","authors":"S. Gordon","doi":"10.1109/PDCAT.2008.12","DOIUrl":null,"url":null,"abstract":"The extensible authentication protocol (EAP), which is typically used over wireless LANs and point-to-point links, allows a server to request authentication information from a client. The protocol for carrying authentication for network access (PANA) is designed to transport EAP messages over IP networks. This paper presents a formal coloured Petri net model and analysis of PANA, focusing on the initial authentication and authorisation phase. State space analysis of selected configurations reveals a deadlock may occur at the client when the server aborts a PANA authentication session. The analysis also derives a formal definition of the service between PANA and EAP, which is important for verifying that PANA correctly interfaces with EAP, and can later be used for automated testing.","PeriodicalId":282779,"journal":{"name":"2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Formal Analysis of PANA Authentication and Authorisation Protocol\",\"authors\":\"S. Gordon\",\"doi\":\"10.1109/PDCAT.2008.12\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The extensible authentication protocol (EAP), which is typically used over wireless LANs and point-to-point links, allows a server to request authentication information from a client. The protocol for carrying authentication for network access (PANA) is designed to transport EAP messages over IP networks. This paper presents a formal coloured Petri net model and analysis of PANA, focusing on the initial authentication and authorisation phase. State space analysis of selected configurations reveals a deadlock may occur at the client when the server aborts a PANA authentication session. The analysis also derives a formal definition of the service between PANA and EAP, which is important for verifying that PANA correctly interfaces with EAP, and can later be used for automated testing.\",\"PeriodicalId\":282779,\"journal\":{\"name\":\"2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDCAT.2008.12\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT.2008.12","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

可扩展身份验证协议(EAP)通常在无线局域网和点对点链路上使用，它允许服务器从客户机请求身份验证信息。承载网络接入认证(PANA)的协议设计用于在IP网络上传输EAP消息。本文提出了一种正式的彩色Petri网模型，并分析了PANA的初始认证和授权阶段。对所选配置的状态空间分析显示，当服务器终止一个PANA身份验证会话时，客户端可能发生死锁。分析还派生出PANA和EAP之间服务的正式定义，这对于验证PANA正确地与EAP接口非常重要，并且以后可以用于自动化测试。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Formal Analysis of PANA Authentication and Authorisation Protocol

The extensible authentication protocol (EAP), which is typically used over wireless LANs and point-to-point links, allows a server to request authentication information from a client. The protocol for carrying authentication for network access (PANA) is designed to transport EAP messages over IP networks. This paper presents a formal coloured Petri net model and analysis of PANA, focusing on the initial authentication and authorisation phase. State space analysis of selected configurations reveals a deadlock may occur at the client when the server aborts a PANA authentication session. The analysis also derives a formal definition of the service between PANA and EAP, which is important for verifying that PANA correctly interfaces with EAP, and can later be used for automated testing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies

自引率

0.00%

发文量

期刊最新文献

Case Studies in Computer Network Measurement Advances in the ProGenGrid Workflow Management System Finding Interaction Partners Using Attitude-Based Decision Strategies Agent Migration and Communication in WSNs Portable Object Thermal Awareness: Modeling Intelligent Sensor Networks for Cool Store Applications