23-05-2012, 01:52 PM
SECURITY MANAGEMENT AGAINST CLONING MOBILE PHONES
INTRODUCTION
The security management service is responsible for providing a safe
environment for both the operation and management of resources in
a domain [14, 15]. Safety and security are two reliability properties
of a system. A 'safe' system provides protection against errors of
trusted users, while a 'secure' system protects against errors
introduced by untrusted users [1]. A comprehensive network
security plan must encompass all the elements that make up the
network and provide the important services: Access (authorized users),
Confidentiality (information remains private), Authentication
(the sender is who he claims to be), Integrity (the message has not been
modified in transit) and Nonrepudiation (the originator cannot deny that
he sent the message) [4].
USING FORMAL DESCRIPTION TECHNIQUES
Our system uses the LOTOS FDT [2], an ISO standard in current use
which can describe both abstract data types and
behaviour, to enhance rigour in the procedures and obtain
specification, validation (simulations, testing, verifications)
and automatic translation from LOTOS code to C code.
In order to validate our Security System Against Cellular
Cloning, which we refer to as the SSCC system, we make use of
the CADP tool (Caesar Aldébaran Development Package) [6],
available within the Eucalyptus toolbox. The procedure used to
obtain the correctness proofs between refinements generates the
following two automata:
The SSCC Most Abstract Specification
Initially, at the highest abstraction level, the SSCC system can be
observed as a black box with two communication gates (gate mail
and gate phone) used to send messages to the users. The gate mail is
used by the SSCC to send alarms of possible frauds to the user by
surface mail. The gate phone allows the SSCC to use the mobile
phone to send the same alarm. The specific advantage of sending
alarms by phone is immediate notification; the specific
advantage of the mail alarm is security.
Refinement of the SITES_SET Process
The SITES_SET process (Managed Sites Set) includes
several instances of the same managed site model. Each of
these instances corresponds to a LOTOS process that
communicates with a MANAGER process (System Manager)
through the notif gate. Considering that each managed site acts
alone in sending the possible fraud alarms to the Manager, we
can use the independent composition operator (LOTOS interleaving, |||) to
combine them, obtaining the following LOTOS representation:

SITE_1[notif] ||| SITE_2[notif] ||| . . . ||| SITE_N[notif]

Each one of these managed sites constitutes a
distributed agent. For obvious reasons, large cities need more
agent sites than small cities.
Detail of a Managed Site
The adopted model for the managed sites considers each of
them as three main elements: a Management Agent, a
Reference Baseline and a File with the Telephone Calls. The
SITE_J process represents a typical management site, with
its three main elements. The LOTOS formal specification of
this architecture can be presented as follows:
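The paper's own LOTOS specification is not reproduced in this post. The sketch below is an added example, not the authors' code, showing how the black-box view, the interleaved SITES_SET and the three-element site described above could be written in basic LOTOS. Gates mail, phone and notif come from the text; the gates read and check, the use of three site instances and every process body are assumptions made for the illustration.

```lotos
(* Added example, not the paper's SSCC spec.  Gates mail, phone and notif
   come from the text; read, check and all process bodies are assumed. *)
specification SSCC [mail, phone] : noexit
behaviour
  (* Refinement: sites and manager synchronise on notif only; notif is
     hidden, so the observable gates stay mail and phone as in the
     black-box view. *)
  hide notif in
    ( SITES_SET [notif]
      |[notif]|
      MANAGER [notif, mail, phone] )
where
  (* Most abstract view: each alarm goes out by phone and by mail, in
     either order.  CADP can compare the refinement above with this
     process for observational equivalence. *)
  process SSCC_ABSTRACT [mail, phone] : noexit :=
    ( phone; exit ||| mail; exit ) >> SSCC_ABSTRACT [mail, phone]
  endproc

  (* Managed Sites Set: the sites act independently, hence the
     interleaving operator |||; three instances stand in for SITE_1..N. *)
  process SITES_SET [notif] : noexit :=
    SITE [notif] ||| SITE [notif] ||| SITE [notif]
  endproc

  (* System Manager: on each notification, alarm the user by phone
     (immediate) and by surface mail (secure), then wait again. *)
  process MANAGER [notif, mail, phone] : noexit :=
    notif; ( ( phone; exit ||| mail; exit ) >> MANAGER [notif, mail, phone] )
  endproc

  (* A managed site: the Management Agent reads the telephone-calls file
     (read) and consults the Reference Baseline (check); whether the
     comparison flags a possible cloning is internal to the site (i). *)
  process SITE [notif] : noexit :=
    hide read, check in
      ( AGENT [read, check, notif]
        |[read, check]|
        ( CALLS_FILE [read] ||| BASELINE [check] ) )
  endproc

  process AGENT [read, check, notif] : noexit :=
    read; check;
    (    i; notif; AGENT [read, check, notif]   (* deviation: raise alarm *)
      [] i; AGENT [read, check, notif] )        (* traffic matches baseline *)
  endproc
  process CALLS_FILE [read] : noexit := read; CALLS_FILE [read] endproc
  process BASELINE [check] : noexit := check; BASELINE [check] endproc
endspec
```

Hiding notif in the refinement is what lets the two levels be compared: once the site-to-manager traffic is internal, the only observable events are the phone and mail alarms of the abstract black box.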