TY - JOUR
T1 - MFF-IoT
T2 - A Multi-Granularity Formal Framework of User Authentication for IoT
AU - Fei, Yuan
AU - Yin, Jiaqi
AU - Yan, Lijun
N1 - Publisher Copyright:
© 2023 by the authors.
PY - 2023/6
Y1 - 2023/6
N2 - The Internet of Things (IoT) generates vast amounts of data from numerous applications. However, since wireless channels are the primary means of communication, IoT networks are vulnerable to several security threats, which can compromise their security and privacy. To address these issues, various user authentication protocols have been proposed. Thus, it is still a challenge to provide multi-granularity verifications for different authentications of the IoT. In this paper, we propose a multi-granularity formal framework of user authentication for the IoT (MFF-IoT). Our framework builds different formal models (specification language HLPSL models, process algebra CSP models, Timed CSP models, and timed automata) to complete multi-granularity formal verification. By using both coarse-grained and fine-grained modeling, we can balance the tradeoff between model complexity and verification accuracy. Specifically, our fine-grained models provide a more detailed representation of the framework’s behavior and enable us to perform timing-related probability analysis. As these formal models can be implemented by model-checking tools (AVISPA, PAT with C#, and UPPAAL), important properties and features can be analyzed and verified. We also propose several algorithms for better formal model building and evaluate our framework with a case study to show its practicality and effectiveness.
AB - The Internet of Things (IoT) generates vast amounts of data from numerous applications. However, since wireless channels are the primary means of communication, IoT networks are vulnerable to several security threats, which can compromise their security and privacy. To address these issues, various user authentication protocols have been proposed. Thus, it is still a challenge to provide multi-granularity verifications for different authentications of the IoT. In this paper, we propose a multi-granularity formal framework of user authentication for the IoT (MFF-IoT). Our framework builds different formal models (specification language HLPSL models, process algebra CSP models, Timed CSP models, and timed automata) to complete multi-granularity formal verification. By using both coarse-grained and fine-grained modeling, we can balance the tradeoff between model complexity and verification accuracy. Specifically, our fine-grained models provide a more detailed representation of the framework’s behavior and enable us to perform timing-related probability analysis. As these formal models can be implemented by model-checking tools (AVISPA, PAT with C#, and UPPAAL), important properties and features can be analyzed and verified. We also propose several algorithms for better formal model building and evaluate our framework with a case study to show its practicality and effectiveness.
KW - AVISPA
KW - CSP
KW - formal verification
KW - IoT
KW - PAT with C#
KW - UPPAAL
KW - user authentication
UR - http://www.scopus.com/inward/record.url?scp=85161864043&partnerID=8YFLogxK
U2 - 10.3390/electronics12112356
DO - 10.3390/electronics12112356
M3 - 文章
AN - SCOPUS:85161864043
SN - 2079-9292
VL - 12
JO - Electronics (Switzerland)
JF - Electronics (Switzerland)
IS - 11
M1 - 2356
ER -