On the modelling of Kerberos protocol in the Quality of Protection Modelling Language (QoP-ML)

• Autorzy: Księżopolski B. , Rusinek D. , Wierzbicki A.

Identyfikatory

DOI

10.2478/v10065-012-0032-0

• Języki publikacji: EN

Abstrakty

EN

The security modelling of IT systems is a very complicated task. One of the issues which must be analysed is the performance of IT systems. In many cases the guaranteed security level is too high in relation to the real threats. The overestimation of security measures can decrease system performance. The paper presents the analysis of Kerberos cryptographic protocol in terms of quality of protection performed by Quality of Protection Modelling Language (QoP-ML). The analysis concerns the availability attribute. In the article the Kerberos protocol was modelled and the QoP analysis of two selected versions was performed.

Słowa kluczowe

EN

Kerberos cryptographic protocol; Quality of Protection; QoP; Quality of Protection Modelling Language; QoP-ML; cryptographic protocol

• Wydawca: Wydawnictwo UMCS
• Czasopismo: Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica
• Rocznik: 2012
• Tom: Vol. 12, no. 4
• Strony: 69--81
• Opis fizyczny: Bibliogr. 24 poz.

Twórcy

autor

Księżopolski B.

• Institute of Computer Science, Maria Curie-Sklodowska University, pl. M. Curie-Sklodowskiej 5, 20-031 Lublin, Poland
• Polish-Japanese Institute of Information Technology, Koszykowa 86, 02-008 Warsaw, Poland

autor

Rusinek D.

• Institute of Computer Science, Maria Curie-Sklodowska University, pl. M. Curie-Sklodowskiej 5, 20-031 Lublin, Poland

autor

Wierzbicki A.

• Polish-Japanese Institute of Information Technology, Koszykowa 86, 02-008 Warsaw, Poland

Bibliografia

• [1] ISO/IEC 27002:2005; Information technology - Security techniques - Code of practice for information security management (2005).
• [2] Ksiezopolski B., Kotulski Z., Szalachowski P., Adaptive approach to network security, Communications in Computer and Information Science 158 (2009): 233.
• [3] Ksiezopolski B., Kotulski Z., Szalachowski P., On QoP method for ensuring availability of the goal of cryptographic protocols in the real-time systems, European Teletraffic Seminar (2011): 195.
• [4] Ksiezopolski B, Kotulski Z., Adaptable security mechanism for the dynamic environments, Computers & Security 26 (2007): 246.
• [5] LeMay E., Unkenholz W., Parks D., Adversary-Driven State-Based System Security Evaluation, In Workshop on Security Metrics - MetriSec (2010) .
• [6] Lindskog S., Modeling and Tuning Security from a Quality of Service Perspective. PhD dissertation, Department of Computer Science and Engineering, Chalmers University of Technology, Goteborg, Sweden (2005).
• [7] Luo A., Lin Ch., Wang K., Lei L., Liu Ch., Quality of protection analysis and performance modeling in IP multimedia subsystem. Computers Communications 32 (2009): 1336.
• [8] Ong C.S., Nahrstedt K., Yuan W., Quality of protection for mobile applications, In IEEE International Conference on Multimedia & Expo (2003): 137.
• [9] Petriu D. C., Woodside C. M., Petriu D. B., Xu J., Israr T., Georg G., France R., Bieman J. M., Houmb S. H., Jürjens J., Performance Analysis of Security Aspects in UML Models, In Sixth International Workshop on Software and Performance (2007).
• [10] Schneck P., Schwan K., Authenticast: An Adaptive Protocol for High-Performance, Secure Network Applications, Technical Report GIT-CC-97-22 (1997).
• [11] Sun Y., Kumar A., Quality od Protection(QoP): A quantitative methodology to grade security services, In 28th confrence on Distributed Computing Systems Workshop (2008): 394.
• [12] Jürjens J., Secure System Development with UML, Springer (2007).
• [13] Ksiezopolski B., QoP-ML: Quality of Protection modelling language for cryptographic protocols, Computers & Security 31(4) (2012): 569.
• [14] Theoharidou M., Kotzanikolaou P., Gritzalis S., A multi-layer Criticality Assessment methodology based on interdependencies, Computers & Security 29 (2010): 643.
• [15] Neuman C., Ts’o T., Kerberos: An Authentication Service for Computer Networks, IEEE Communications 32 (9) (1994): 33.
• [16] ISO/IEC 27001:2005. Information technology – Security techniques – Information security management systems – Requirements (2005).
• [17] Rusinek D., Ksiezopolski B., Influence of CCM, CBC-MAC, CTR and stand-alone encryption on the quality of transmitted data in the high-performance WSN based on Imote2 Annales UMCS Informatica AI XI (3) (2011): 117.
• [18] Szalachowski P., Ksiezopolski B., Kotulski Z., CMAC, CCM and GCM/GMAC: advanced modes of operation of symmetric block ciphers in the Wireless Sensor Networks, Information Processing Letters 110 (2010): 247.
• [19] Grocholewska-Czurylo A., Cryptographic properties of modified AES-like S-boxes, Annales UMCS Informatica AI XI (2) (2011): 37.
• [20] Grocholewska-Czurylo A., Chmiel K., Stoklosa J., Involutional block cipher for limited resources, IEEE Globecom (2008).
• [21] Jaquith A., Security Metrics: Replacing Fear, Uncertainty, and Doubt, Addison-Wesley (2007).
• [22] Openssl Project: http://www.openssl.org/
• [23] Jürjens J., Tools for Secure Systems Development with UML. International Journal on Software Tools for Technology Transfer 2007; 9:527-544.
• [24] Lambrinoudakis C., Gritzalis S., Dridi F., Pernul G., Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy 2003. Computers & Security 2003; 26:1873-1883.