User Account

All Pages

Draw a state transition diagram of the system

Assignment Help Basic Computer Science
Reference no: EM133214258

Consider the following four-step communication protocol, which is known as Kerberos protocol and its aim is to guarantee authentication and key exchange between a client and a server [1, 2].

(1) A -> S : A, B

(2) S -> A : {Ts, L, Kab, B}Kas , {Ts, L, Kab, A}Kbs (3) A -> B : {Ts, L, Kab, A}Kbs , {A, Ta} Kab

(4) B -> A : {Ta+1}Kab

The protocol involves the principals A (client/initiator) and B (server/responder), and an authentication server S. The server S is a trusted party which shares a key Kas with A and a key Kbs with B, and also responsible for generating new session keys Kab. The above protocol makes use of the time stamps Ta and Tb, and the lifetime L. In step (1) above, A contacts S in order to communicate its claimed identity and the name of the server B. In step (2), S sends to A two encrypted components. The first component contains the session key Kab generated by S, a time stamp Ts specifying when the session key has been generated, the interval of validity of such key, and the name of the server B. The second component is called ticket having similar information, however, A will not be able to decrypt it. In step (3), A forwards the ticket to server B, with a authenticator component encrypted with the new session key. After receiving the above message, B can extract the session key from the ticket, and uses it to decrypt the authenticator. If the key used to encrypt authenticator matches with the key contained in the ticket, the server B can assume that the authenticator was generated by A. At this point, in order to authenticate the client A, the server B must also check the time stamp Ta to make sure that the authenticator is recent. Thus B can recognise A if the result of verification is positive. In step (4), B demonstrate its identity to A sending a message with increased time stamp encrypted with the session key Kab.

The model of the above protocol could be composed of several variables and processes (or agents). The protocol shall ensure authentication and secrecy. Such properties shall be verified against an intruder I with the following capabilities:

  • I is a known agent, it can act either as initiator or as responder of a protocol session;
  • I can eavesdrop and store any message sent by any agent;
  • I can exploit its knowledge to generate new messages or use previously storedmessages as they are.

Model as a concurrent system in NuSMV the protocol described above as the interaction of 4 agents, A, B, S and I. Multiple sessions may overlap, asynchronously. However, to ensure finiteness of the model state space, consider a maximum number n of sessions, and verify the satisfaction of the properties above under such a limitation. To model and verify the desired system properties you need to complete the following tasks:

Task 1: Design and draw a state transition diagram of the system considering four agents mentioned above. Please note that this diagram would be a high-level diagram and not considering NuSMV's low level diagram (as it would be very complicated);

Task 2: In your NuSMV model (code using the SMV language) all the agents should work concurrently, and in an asynchronous manner;

Task 3: Identify and express six authentication and secrecy properties using CTL/LTL;

Reference no: EM133214258

Questions Cloud

Describe scenario that requires information security plan : Describe the scenario that requires an information security plan. The company you choose can be a current, former, or fictional environment.
Describe an industry in which you want to work : Describe an industry in which you want to work. In your opinion, which of the three primary stakeholder groups is the most powerful in that industry today? Why?
Asymmetric encryption algorithms and digital certificates : A public key infrastructure (PKI) system uses symmetric and asymmetric encryption algorithms and digital certificates to provide security for multiple applicati
Describe the features and basic use of nessus : You are the security administrator for company ABC. You have been tasked to conduct a vulnerability study on the company network (use your home private network
Draw a state transition diagram of the system : Consider the following four-step communication protocol, which is known as Kerberos protocol and its aim is to guarantee authentication and key exchange between
Identify an existing business : For each Organizational Behavior Model, identify an existing business that you think is a best example, base on what you have observed or known of.
Contrast automated vs manual policy enforcement controls : Contrast automated vs. manual policy enforcement controls. Who is ultimately liable for risk, threats, and vulnerabilities?
Types of virus-malicious code and protective measures : 1. What is a virus? 2. What is malware? 3. What are the different types of virus and malicious code?
Review the article-porters diamond model analysis : Mister Simplify. (2020, November 7). Porter's diamond model explained with a full example - simplest explanation ever. [Video].

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Practical aspects of public leadership

From the weekly readings and e-Activity, analyze the key influences that the theoretical and practical aspects of public leadership may exert upon a public leader's performance. Provide two (2) examples of these influences to support your response..

  Sweeping transformation of core processes

What challenges did the leadership of PHS need to overcome to achieve the sweeping transformation of core processes wrought

  How to select columns from a sql table

Now that we have learned how to select columns from a SQL table, let's filter the results to see some more interesting results!

  Broadcom integrated database management system

Discuss the technical advantages and disadvantages of both Broadcom's Integrated Database Management System (CA-IDMS) AND MongoDB.

  Descriptions of features

All projects are perfect at the beginning-but few are perfect when they end. Sometimes, project managers gather descriptions of features

  During the interview process

During the interview process, there are the terms of closed questions and open-ended questions, Explain the differences and give examples!

  Creating good password security

Learn About creating good password security. An IT Security consultant has made three primary recommendations regarding passwords

  Cloud-based office productivity software

Based on what you have learned about using cloud-based office productivity software,

  Boiler plates provided for disaster recovery plan

Read the Boiler Plates provided for Disaster Recovery Plan and Computer Incident Response. What would you create as the DRP and CIRT for this scenario?

  Create either a system backup or a system image

Prepare draft incident response guidance to be included in the Sifers-Grayson Incident Responder's Handbook. Create either a system backup or a system image.

  IT Governance-Strategic Issues

Note how these issues have influenced the organization you are considering. Why has the consideration of them positively affected that organization?

  Where should the thumbtacks be placed

To sketch the outline of the fireplace, the contractor uses an 8-foot string tied to two thumbtacks.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd