CSP Semantics - PowerPoint PPT Presentation
CSP Semantics ISA 763 Security Protocol Verification We thank Professor Csilla Farkas of USC for providing some transparencies that were used to construct this ... – PowerPoint PPT presentation
Slides: 41
Provided by: Fark7
Learn more at: https://cs.gmu.edu
1
CSP Semantics
  • ISA 763
  • Security Protocol Verification

We thank Professor Csilla Farkas of USC for
providing some transparencies that were used to
construct this transparency
2
References
  • A. W. Roscoe, The Theory and Practice of Concurrency, available at
    http://web.comlab.ox.ac.uk/oucl/work/bill.roscoe/publications/68b.pdf
  • Peter Ryan and Steve Schneider, Modeling and Analysis of Security
    Protocols, chapters 4 and 5.
  • The FDR2 User Manual, available at
    http://www.fsel.com/documentation/fdr2/html/fdr2manual.html#SEC_Top
  • Formal Systems, FDR download, http://www.fsel.com/
  • M. Morgenthal, Design and Validation of Computer Protocols,
    http://wwwtcs.inf.tu-dresden.de/morgen/sem-ws02.html

3
CSP Semantics - 1
  • Operational Semantics
    • Interprets the language on an (abstract) machine, such as the ones
      used for imperative languages (program counter, next instruction,
      stack, etc.)
  • Denotational Semantics
    • The language is translated to another abstract domain
    • Translate the basic constructs
    • Translate the combinators to constructs in the target domain
    • Use a compositionality principle to construct the denotation of the
      whole program from the translated parts
  • Algebraic Semantics
    • Translate the language into a normal form by rewriting all programs
      into that form
    • Describe how to execute a program in normal form

4
CSP Semantics - 2
  • Operational Semantics
    • Interprets the language on an (abstract) machine
    • Construct a labeled transition system (LTS)
  • Denotational Semantics
    • The language is translated to another abstract domain
    • Trace semantics, failures-divergences semantics
  • Algebraic Semantics
    • Translate the language into a normal form by rewriting all programs
      into that form
    • Proof rules

5
Operational Semantics
  • Labeled transition system (LTS)
    • Nodes: states of the process
    • Directed edges: events
    • Visible events
    • Internal transitions ($\tau$)
  • Recall trace refinement:
    • $S \sqsubseteq_T T$ iff $\mathit{traces}(T) \subseteq \mathit{traces}(S)$

6
An example LTS
Image from M. Morgenthal
7
Another LTS Example
Image from M. Morgenthal
8
Connection between LTS Examples
  • An implementation of S as $AB \;|||\; AC$ where
    • $AB = a \rightarrow b \rightarrow AB$ and
    • $AC = a \rightarrow c \rightarrow AC$
  • where
    • AA corresponds to $AB \;|||\; AC$
    • BA corresponds to $(b \rightarrow AB) \;|||\; AC$
    • AC corresponds to $AB \;|||\; (c \rightarrow AC)$
    • BC corresponds to $(b \rightarrow AB) \;|||\; (c \rightarrow AC)$

9
10
Traces Refinement Check
Image from M. Morgenthal
11
Trace Refinements
  • An implementation trace-refines its specification
  • Hence we would like an implementation to satisfy the specification
  • Which properties?
  • For this class, those trace properties used to specify security
    properties.

12
Denotational Semantics
  • Recall trace semantics for CSP processes
  • It could not capture the difference between external choice and
    internal choice
  • Example: consider $\Sigma = \{a, b\}$ and
    • $Q_1 = (a \rightarrow STOP) \,\Box\, (b \rightarrow STOP)$
    • $Q_2 = (a \rightarrow STOP) \sqcap (b \rightarrow STOP)$
    • $Q_3 = STOP \sqcap (a \rightarrow STOP) \sqcap (b \rightarrow STOP)$
  • Refusal sets: $Q_1$ can refuse neither $a$ nor $b$ (only $\emptyset$)
  • $Q_2$ can refuse $\{a\}$ or $\{b\}$ but not $\{a, b\}$
  • $Q_3$ can refuse any subset of $\Sigma$.

13
Refusal Sets
(Diagram not in transcript: the LTSs of P1, P2, P3 and P4 over $\{a, b, c\}$,
with their $\tau$ transitions, each state annotated with the maximal set of
events it can refuse, e.g. $\{a, b, c\}$ at a STOP state.)
14
Refusal Sets
  • $P_1 = (a \rightarrow b \rightarrow STOP) \,\Box\, (b \rightarrow a \rightarrow STOP)$
    $= (a \rightarrow STOP) \;|||\; (b \rightarrow STOP)$
  • Failures include $(\langle\rangle, \emptyset)$, $(\langle\rangle, \{c\})$,
    $(\langle a\rangle, \{a, c\})$, $(\langle b, a\rangle, \{a, b, c\})$
  • $P_2 = ((c \rightarrow a \rightarrow STOP) \,\Box\, (b \rightarrow c \rightarrow STOP)) \setminus \{c\}$
  • Failures: $\{(\langle\rangle, X) \mid X \subseteq \{b, c\}\} \cup
    \{(\langle a\rangle, X), (\langle b\rangle, X) \mid X \subseteq \{a, b, c\}\}$
  • Internal actions introduce nondeterminism

15
Refusal Sets
  • $P_3 = (a \rightarrow STOP) \sqcap (b \rightarrow STOP)$
  • Must accept one of $a$ or $b$ if both $a, b$ are offered
  • Different from
    • $P_1$, which must accept either one
    • $P_2$, which must accept $a$
  • $P_4 = (c \rightarrow a \rightarrow STOP) \,\Box\, (c \rightarrow b \rightarrow STOP)$
  • After $\langle c\rangle$ it refuses every $X$ with $\{a, b\} \not\subseteq X$
  • Failures allow us to distinguish between internal and external
    choice; traces could not do this!

16
Failure Semantics
  • $\mathit{failures}(P) = \{(s, X) \mid s \in \Sigma^* \text{ and } P/s \text{ does not accept any } x \in X\}$
  • Failures refinement $P \sqsubseteq_F Q$ (read: $Q$ failures-refines $P$) iff
    • $\mathit{traces}(Q) \subseteq \mathit{traces}(P)$ and
    • $\mathit{failures}(Q) \subseteq \mathit{failures}(P)$

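The refusal-set and refinement ideas of slides 12 to 16, as an added worked example that is not part of the original slides: a small Python model that takes a finite LTS (the operational semantics, with `tau` for internal transitions), derives the maximal refusal sets after a trace from the stable states of $P/s$ (the failures semantics), and decides trace and stable-failures refinement the way a refinement checker does, by pairing the implementation's state sets with the normalised specification. The class and function names, the integer state encoding and the transition tables for P1 to P4 and Q3 are this example's own assumptions; divergence is ignored here (stable-failures model only).

```python
# Added example, not from the slides: a small finite-state CSP "interpreter".
# An LTS (operational semantics) is given explicitly; from it we derive the
# refusal sets and failures (denotational semantics) and run an FDR-style
# refinement check for the traces and stable-failures models.  The process
# names P1..P4 and Q3 follow the slides; the API and state numbering are
# this example's own assumptions.
TAU = "tau"  # the internal (hidden) event


class LTS:
    """Finite LTS: `edges` maps a state to its (event, successor) pairs."""

    def __init__(self, edges, start=0):
        self.edges = edges
        self.start = start

    def succ(self, s):
        return self.edges.get(s, [])

    def initials(self, s):
        """Visible events a state can perform immediately."""
        return {e for e, _ in self.succ(s) if e != TAU}

    def stable(self, s):
        """Stable = no tau transition available; only stable states refuse."""
        return all(e != TAU for e, _ in self.succ(s))

    def tau_closure(self, states):
        seen, todo = set(states), list(states)
        while todo:
            for e, t in self.succ(todo.pop()):
                if e == TAU and t not in seen:
                    seen.add(t)
                    todo.append(t)
        return frozenset(seen)

    def step(self, states, ev):
        return self.tau_closure({t for s in states for e, t in self.succ(s) if e == ev})

    def after(self, trace):
        """P/trace as the set of states reachable by `trace` plus tau moves."""
        cur = self.tau_closure({self.start})
        for ev in trace:
            cur = self.step(cur, ev)
        return cur


def refusals(p, trace, sigma):
    """Maximal refusal sets after `trace`: one per stable state of P/trace.
    failures(P) is the subset-closure of {(trace, X) | X in refusals}."""
    return {frozenset(sigma - p.initials(s)) for s in p.after(trace) if p.stable(s)}


def refines(spec, impl, sigma, model="F"):
    """Decide spec <= impl in the traces ("T") or stable-failures ("F") model
    by pairing impl's state sets with the normalised (subset) spec.
    Returns (True, None) or (False, trace): a trace at which impl does
    something spec cannot do, or refuses something spec cannot refuse."""
    init = (spec.after(()), impl.after(()))
    seen, todo = {init}, [(init, ())]
    while todo:
        (ss, ii), trace = todo.pop()
        spec_inits = set().union(*(spec.initials(s) for s in ss))
        for i in ii:
            extra = impl.initials(i) - spec_inits
            if extra:                      # impl has a trace spec lacks
                return False, trace + (min(extra),)
            if model == "F" and impl.stable(i):
                # impl refuses sigma - initials(i); some stable spec state must
                # refuse at least that much, i.e. have initials <= initials(i)
                if not any(spec.stable(s) and spec.initials(s) <= impl.initials(i) for s in ss):
                    return False, trace
        for ev in sorted(sigma):
            nxt = (spec.step(ss, ev), impl.step(ii, ev))
            if nxt[1] and nxt not in seen:
                seen.add(nxt)
                todo.append((nxt, trace + (ev,)))
    return True, None


SIGMA = {"a", "b", "c"}
# P1 = (a -> STOP) [] (b -> STOP): external choice, one state offering both
P1 = LTS({0: [("a", 1), ("b", 2)]})
# P2 = ((c -> a -> STOP) [] (b -> c -> STOP)) \ {c}: the hidden c's are taus
P2 = LTS({0: [(TAU, 1), ("b", 2)], 1: [("a", 3)], 2: [(TAU, 4)]})
# P3 = (a -> STOP) |~| (b -> STOP): internal choice, resolved by a tau
P3 = LTS({0: [(TAU, 1), (TAU, 2)], 1: [("a", 3)], 2: [("b", 4)]})
# P4 = (c -> a -> STOP) [] (c -> b -> STOP)
P4 = LTS({0: [("c", 1), ("c", 2)], 1: [("a", 3)], 2: [("b", 4)]})
# Q3 = STOP |~| (a -> STOP) |~| (b -> STOP)
Q3 = LTS({0: [(TAU, 1), (TAU, 2), (TAU, 3)], 2: [("a", 4)], 3: [("b", 5)]})

if __name__ == "__main__":
    for name, p in [("P1", P1), ("P2", P2), ("P3", P3), ("Q3", Q3)]:
        print(name, "refuses at <>:", [sorted(x) for x in refusals(p, (), SIGMA)])
    print("P4 after <c> refuses:", [sorted(x) for x in refusals(P4, ("c",), SIGMA)])
    for model in ("T", "F"):
        print(model, "P1 <= P3:", refines(P1, P3, SIGMA, model),
              "P3 <= P1:", refines(P3, P1, SIGMA, model))
```

P1 and P3 are trace-equivalent, so the check succeeds in both directions in the traces model; in the failures model P3 refines to P1 but not the other way round, because P3 can refuse $\{a\}$ at $\langle\rangle$ and P1 cannot. The refusal of P2 at $\langle\rangle$ comes entirely from its single stable state after the hidden $c$, which is why the hidden event shows up as nondeterminism.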
17
Divergence
  • $P = (\mu p.\, a \rightarrow p) \setminus \{a\}$
  • Cannot observe $a$ externally.
  • Diverges, i.e. looks like a $\tau$-loop
  • We do not care what happens after a process diverges

(Diagram not in transcript: the one-state LTS with an $a$ loop, which hiding
turns into a $\tau$ loop.)
18
Failure and Divergence
  • Add an extra symbol $\checkmark$ to $\Sigma$ to indicate that the
    process has terminated
  • Interpretation: $\checkmark$ is emitted by the process to the
    environment to indicate normal termination
  • $P \stackrel{s}{\Longrightarrow} Q$ means process $P$ becomes $Q$ after
    performing the trace $s$ (with any number of $\tau$ steps)
  • Stable state: a state that has no $\tau$ transition

19
Failure and Divergence
  • $\mathit{traces}(P) = \{s \in (\Sigma \cup \{\checkmark\})^* \mid \exists Q.\; P \stackrel{s}{\Longrightarrow} Q\}$
  • $\mathit{traces}_\bot(P) = \{s \mid (s, X) \in F\}$ is a prefix-closed set
  • $\mathit{divergences}(P) = \{s\,t \mid s \in \Sigma^*,\ t \in (\Sigma \cup \{\checkmark\})^*,\ \exists Q.\; P \stackrel{s}{\Longrightarrow} Q,\ Q \text{ div}\}$
  • An extension-closed set of traces after which an infinite sequence of
    $\tau$ actions is possible
  • $\mathit{failures}_\bot(P) = \{(s, X) \mid s$ is a trace and $X$ is a set
    of actions that can be refused in a stable state of $P$ reached after
    $s\}$, together with $(s, X)$ for every divergent $s$

20
The Failures Divergence Model
  • $\mathcal{N} \subseteq \mathbb{P}((\Sigma^{\checkmark})^* \times \mathbb{P}(\Sigma^{\checkmark})) \times \mathbb{P}((\Sigma^{\checkmark})^*)$,
    where $\Sigma^{\checkmark} = \Sigma \cup \{\checkmark\}$
  • A process is a pair $(F, D)$: $F$ its failures (trace, refused
    actions), $D$ its divergent traces
  • Any non-empty subset $S$ of $\mathcal{N}$ has an infimum given by
    • $\sqcap S = (\bigcup\{F \mid (F, D) \in S\},\ \bigcup\{D \mid (F, D) \in S\})$
  • The supremum of a directed set $\Delta$ is given by
    • $\bigsqcup \Delta = (\bigcap\{F \mid (F, D) \in \Delta\},\ \bigcap\{D \mid (F, D) \in \Delta\})$
  • Theorem: if $\Sigma$ is finite then $(\mathcal{N}, \sqsubseteq_{FD}, \sqcap, \bigsqcup)$
    is a complete partial order

21
Computing the FD Semantics-1
  • $\mathit{failures}_\bot(STOP) = \{(\langle\rangle, X) \mid X \subseteq \Sigma^{\checkmark}\}$
  • $\mathit{divergences}(STOP) = \emptyset$
  • $\mathit{failures}_\bot(SKIP) = \{(\langle\rangle, X) \mid X \subseteq \Sigma\} \cup \{(\langle\checkmark\rangle, X) \mid X \subseteq \Sigma^{\checkmark}\}$
    (SKIP cannot refuse $\checkmark$)
  • $\mathit{divergences}(SKIP) = \emptyset$
  • $\mathit{failures}_\bot(a \rightarrow P) = \{(\langle\rangle, X) \mid a \notin X\} \cup \{(\langle a\rangle\,s, X) \mid (s, X) \in \mathit{failures}_\bot(P)\}$
  • $\mathit{divergences}(a \rightarrow P) = \{\langle a\rangle\,s \mid s \in \mathit{divergences}(P)\}$

22
Computing the FD Semantics-2
  • $\mathit{failures}_\bot(?x{:}A \rightarrow P) = \{(\langle\rangle, X) \mid X \cap A = \emptyset\} \cup \{(\langle a\rangle\,s, X) \mid a \in A,\ (s, X) \in \mathit{failures}_\bot(P[a/x])\}$
  • $\mathit{divergences}(?x{:}A \rightarrow P) = \{\langle a\rangle\,s \mid a \in A,\ s \in \mathit{divergences}(P[a/x])\}$
  • $\mathit{failures}_\bot(P \sqcap Q) = \mathit{failures}_\bot(P) \cup \mathit{failures}_\bot(Q)$
  • $\mathit{divergences}(P \sqcap Q) = \mathit{divergences}(P) \cup \mathit{divergences}(Q)$

23
Computing the FD Semantics-3
  • $\mathit{divergences}(P \,\Box\, Q) = \mathit{divergences}(P) \cup \mathit{divergences}(Q)$
  • $\mathit{failures}_\bot(P \,\Box\, Q) =$
    • $\{(\langle\rangle, X) \mid (\langle\rangle, X) \in \mathit{failures}_\bot(P) \cap \mathit{failures}_\bot(Q)\}$
    • $\cup\ \{(s, X) \mid s \neq \langle\rangle,\ (s, X) \in \mathit{failures}_\bot(P) \cup \mathit{failures}_\bot(Q)\}$
    • $\cup\ \{(s, X) \mid \langle\rangle \in \mathit{divergences}(P) \cup \mathit{divergences}(Q)\}$
    • $\cup\ \{(\langle\rangle, X) \mid X \subseteq \Sigma,\ \langle\checkmark\rangle \in \mathit{traces}_\bot(P) \cup \mathit{traces}_\bot(Q)\}$

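A worked application of these rules, added here as an illustration and not taken from the slides: computing $\mathit{failures}_\bot$ for the two choice processes of slide 12, $Q_1 = (a \rightarrow STOP) \,\Box\, (b \rightarrow STOP)$ and $Q_2 = (a \rightarrow STOP) \sqcap (b \rightarrow STOP)$, over $\Sigma = \{a, b\}$ using the rules for $STOP$, prefix, $\sqcap$ and $\Box$. Neither process diverges or terminates, so the last two clauses of the $\Box$ rule contribute nothing.

$$
\begin{aligned}
\mathit{failures}_\bot(a \rightarrow STOP) &= \{(\langle\rangle, X) \mid a \notin X\} \cup \{(\langle a\rangle, X) \mid X \subseteq \Sigma^{\checkmark}\} \\
\mathit{failures}_\bot(b \rightarrow STOP) &= \{(\langle\rangle, X) \mid b \notin X\} \cup \{(\langle b\rangle, X) \mid X \subseteq \Sigma^{\checkmark}\} \\
\mathit{failures}_\bot(Q_1) &= \{(\langle\rangle, X) \mid a \notin X \wedge b \notin X\} \cup \{(\langle a\rangle, X), (\langle b\rangle, X) \mid X \subseteq \Sigma^{\checkmark}\} \\
\mathit{failures}_\bot(Q_2) &= \{(\langle\rangle, X) \mid a \notin X \vee b \notin X\} \cup \{(\langle a\rangle, X), (\langle b\rangle, X) \mid X \subseteq \Sigma^{\checkmark}\}
\end{aligned}
$$

Hence $(\langle\rangle, \{a\}) \in \mathit{failures}_\bot(Q_2) \setminus \mathit{failures}_\bot(Q_1)$ while $\mathit{traces}(Q_1) = \mathit{traces}(Q_2) = \{\langle\rangle, \langle a\rangle, \langle b\rangle\}$: $Q_2 \sqsubseteq_F Q_1$ holds but $Q_1 \sqsubseteq_F Q_2$ does not, which is exactly the distinction trace refinement misses.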
24
Computing the FD Semantics-4
  • $\mathit{divergences}(P \parallel_X Q) = \{u\,v \mid \exists s \in \mathit{traces}_\bot(P),\ t \in \mathit{traces}_\bot(Q).\; u \in (s \parallel_X t) \cap \Sigma^*,$
    $s \in \mathit{divergences}(P) \text{ or } t \in \mathit{divergences}(Q)\}$
  • $\mathit{failures}_\bot(P \parallel_X Q) = \{(u, Y \cup Z) \mid Y \setminus (X \cup \{\checkmark\}) = Z \setminus (X \cup \{\checkmark\}) \wedge$
    $\exists s, t.\; (s, Y) \in \mathit{failures}_\bot(P),\ (t, Z) \in \mathit{failures}_\bot(Q),\ u \in s \parallel_X t\}$
    $\cup\ \{(u, Y) \mid u \in \mathit{divergences}(P \parallel_X Q)\}$

25
Computing the FD Semantics-5
  • $\mathit{divergences}(P \setminus X) =$
    • $\{(s \setminus X)\,t \mid s \in \mathit{divergences}(P)\}$
    • $\cup\ \{(u \setminus X)\,t \mid u \in \Sigma^\omega \wedge (u \setminus X) \text{ is finite} \wedge \forall s < u.\; s \in \mathit{traces}_\bot(P)\}$
  • $\mathit{failures}_\bot(P \setminus X) =$
    • $\{(s \setminus X, Y) \mid (s, Y \cup X) \in \mathit{failures}_\bot(P)\}$
    • $\cup\ \{(s, Y) \mid s \in \mathit{divergences}(P \setminus X)\}$

26
Deterministic Processes
  • A process is said to be deterministic if
    • $t\langle a\rangle \in \mathit{traces}(P) \Rightarrow (t, \{a\}) \notin \mathit{failures}(P)$ and
    • $\mathit{divergences}(P) = \emptyset$
  • That is, it never diverges and never has the choice of both accepting
    and refusing an action
  • Deterministic processes are the maximal elements under $\sqsubseteq_{FD}$
  • Example: $(a \rightarrow STOP) \sqcap (a \rightarrow a \rightarrow STOP)$ is non-deterministic

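Divergence (slide 17) and the determinism definition above, as an added example that is not taken from the slides: hiding is applied to an explicit LTS by relabelling the hidden events as `tau`, divergence is detected as a reachable `tau`-cycle, and determinism is checked by exploring the set of states reachable after each trace and looking for an event that some stable state accepts while another refuses it. The function names, the LTS encoding and the transition tables below (including a two-branch LTS of the kind slide 27 calls nondeterministic with deterministic behaviour) are this example's own assumptions.

```python
# Added example, not from the slides: divergence and determinism of a finite
# LTS, following the definitions on the slides.  The LTS encoding (integer
# states, edge lists, "tau" for the internal event) and all names here are
# this example's own assumptions.
TAU = "tau"


def hide(edges, hidden):
    """P \\ X on an LTS: every event in `hidden` becomes a tau transition."""
    return {s: [(TAU if e in hidden else e, t) for e, t in es] for s, es in edges.items()}


def tau_closure(edges, states):
    """All states reachable from `states` by zero or more tau steps."""
    seen, todo = set(states), list(states)
    while todo:
        for e, t in edges.get(todo.pop(), []):
            if e == TAU and t not in seen:
                seen.add(t)
                todo.append(t)
    return frozenset(seen)


def divergent(edges, s):
    """s diverges iff some state reachable from s by taus lies on a tau-cycle,
    i.e. can reach itself again by one or more tau steps."""
    return any(t in tau_closure(edges, {u for e, u in edges.get(t, []) if e == TAU})
               for t in tau_closure(edges, {s}))


def deterministic(edges, start):
    """Slide definition: divergence-free, and after any trace t the process
    never both can accept and can refuse the same event a.  Explores each set
    of states reachable after a trace once (the subset construction).
    Returns (True, None) or (False, (trace, reason))."""
    init = tau_closure(edges, {start})
    seen, todo = {init}, [(init, ())]
    while todo:
        states, trace = todo.pop()
        if any(divergent(edges, s) for s in states):
            return False, (trace, "diverges")
        # trace+<a> is a trace iff some state here has an a-edge; (trace,{a})
        # is a failure iff some *stable* state here has no a-edge
        visible = {e for s in states for e, _ in edges.get(s, []) if e != TAU}
        stable = [s for s in states if all(e != TAU for e, _ in edges.get(s, []))]
        for a in sorted(visible):
            if any(a not in {e for e, _ in edges.get(s, [])} for s in stable):
                return False, (trace, "can accept and refuse " + a)
        for a in sorted(visible):
            nxt = tau_closure(edges, {t for s in states for e, t in edges.get(s, []) if e == a})
            if nxt not in seen:
                seen.add(nxt)
                todo.append((nxt, trace + (a,)))
    return True, None


# (mu p . a -> p) from slide 17: one state with an a-loop, then a hidden
LOOP = {0: [("a", 0)]}
DIV = hide(LOOP, {"a"})
# (a -> STOP) |~| (a -> a -> STOP): after <a> it may accept or refuse a
N1 = {0: [(TAU, 1), (TAU, 2)], 1: [("a", 3)], 2: [("a", 4)], 4: [("a", 5)]}
# two tau branches that both offer exactly a: a nondeterministic LTS whose
# behaviour is deterministic
D1 = {0: [(TAU, 1), (TAU, 2)], 1: [("a", 3)], 2: [("a", 3)]}
# (a -> STOP) [] (a -> STOP): two a-edges, still deterministic
D2 = {0: [("a", 1), ("a", 2)]}

if __name__ == "__main__":
    for name, lts in [("DIV", DIV), ("N1", N1), ("D1", D1), ("D2", D2)]:
        print(name, "divergent:", divergent(lts, 0), "deterministic:", deterministic(lts, 0))
```

Note that the check for "accept and refuse" only needs to look at stable states, because (per slide 18) only stable states refuse; the divergence check runs first so that every explored state set is guaranteed to contain a stable state.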
27
Deterministic Processes and LTS
(Diagram not in transcript: two LTSs branching on $a$.)
  • Two nondeterministic LTSs whose behaviour is deterministic

28
Abstraction - 1
  • Abstraction: hide details
  • Example: many-to-one renaming, here $b$ renamed to $a$
    • $((a \rightarrow c \rightarrow STOP) \,\Box\, (b \rightarrow d \rightarrow STOP))[a/b]$
    • $= (a \rightarrow c \rightarrow STOP) \,\Box\, (a \rightarrow d \rightarrow STOP)$
    • $= a \rightarrow ((c \rightarrow STOP) \sqcap (d \rightarrow STOP))$
  • Eager abstraction: the hiding operator
    • $E_H(P) = P \setminus H$ assumes that events in $H$ pass out of sight

29
Abstraction - 2
  • Lazy abstraction: projection of $P$ onto $L$
    • $L_H(P) = P @ L$
    • $\mathit{failures}(L_H(P)) = \{(s \setminus H, X) \mid (s, X \cap L) \in \mathit{failures}_\bot(P)\}$
  • Example: $L = \{l_1, l_2\}$, $H = \{h\}$
    • $P = (l_1 \rightarrow P) \,\Box\, (l_2 \rightarrow h \rightarrow P) \,\Box\, (h \rightarrow P)$
    • $L_H(P) = Q = (l_1 \rightarrow Q) \,\Box\, (l_2 \rightarrow (STOP \sqcap Q))$
  • The finite traces of $L_H(P)$ are precisely $\{s \setminus H \mid s \in \mathit{traces}(P)\}$

30
Casper
  • A compiler
  • Makes it easy to specify protocols and security properties
  • E.g., the Yahalom protocol:
    • Input: 1 page of protocol and security spec.
    • Output (CSP): 10 pages

31
Casper
  • Protocol definition: the protocol's operation, including
    • messages between the agents,
    • tests performed by the agents,
    • types of data,
    • initial knowledge,
    • specification of the protocol's goals,
    • algebraic equivalences over the types
  • Components
    • Protocol description
    • Free variables
    • Processes
    • Specification

32
Casper
  • System definition: the actual system to be checked, including agents,
    their roles, actual data types, the intruder's abilities
  • Components
    • Actual variables
    • Functions
    • System
    • Intruder information

33
Protocol Description
Image from M. Morgenthal
34
Free Variables
Image from M. Morgenthal
35
Processes
Image from M. Morgenthal
36
Specification
Image from M. Morgenthal
37
System specs Variables
Image from M. Morgenthal
38
System specs Functions
Image from M. Morgenthal
39
System specs The System
Image from M. Morgenthal
40
System specs The Intruder
Image from M. Morgenthal