Analysis of two authorization protocols using Colored Petri Nets

Seifi, Younes, Suriadi, Suriadi, Foo, Ernest, & Boyd, Colin (2015) Analysis of two authorization protocols using Colored Petri Nets. International Journal of Information Security, 14(3), pp. 221-247.

To prevent unauthorized access to protected Trusted Platform Module (TPM) objects, authorization protocols, such as the Object-Specific Authorization Protocol (OSAP), have been introduced by the Trusted Computing Group (TCG). By using OSAP, processes trying to gain access to the protected TPM objects need to prove their knowledge of relevant authorization data before access to the objects can be granted. Chen and Ryan’s 2009 analysis has demonstrated OSAP’s authentication vulnerability in sessions with shared authorization data. They also proposed the Session Key Authorization Protocol (SKAP) with fewer stages as an alternative to OSAP. Chen and Ryan’s analysis of SKAP using ProVerif proves the authentication property. The purpose of this paper was to examine the usefulness of Colored Petri Nets (CPN) and CPN Tools for security analysis. Using OSAP and SKAP as case studies, we construct intruder and authentication property models in CPN. CPN Tools is used to verify the authentication property using a Dolev–Yao-based model. Verification of the authentication property in both models using the state space tool produces results consistent with those of Chen and Ryan.

ID Code: 74296
Item Type: Journal Article
Refereed: Yes
Keywords: Colored Petri Nets, CPN, CPN Tools, Security Analysis, TPM, SKAP, OSAP, Trusted computing, ASK-CTL
DOI: 10.1007/s10207-014-0243-z
ISSN: 1615-5262
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Current > Schools > School of Information Systems
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2014 Springer-Verlag Berlin Heidelberg
Deposited On: 22 Jul 2014 23:56
Last Modified: 12 May 2015 03:01
