The University of Southampton
University of Southampton Institutional Repository

iUML-B model of VLAN system

iUML-B model of VLAN system
iUML-B model of VLAN system
Dataset support the paper 'Analysing security protocols using refinement in iUML-B', presented at 9th NASA Formal Methods Symposium, 16-18 May 2017.Formal specification of a VLAN tagging system illustrating the well-known security flaw of these systems, double-tagging. We use iUML-B class diagrams which provide a diagrammatic representation of the Event-B formalism. We specify the security principle that packets should only belong to nodes of a VLAN which they are intended for and prove that the property is maintained. We then refine the model to introduce the usual packet tagging mechanism that is supposed to ensure the security principle. A double tagging attack cannot be proven to satisfy the glueing invariant. A second version of the model is provided that excludes the Native LAN from being used as a VLAN which is the usual recommendation to prevent double-tagging attacks. This version is fully proven to be secure.
iUML-B, security, VLAN
University of Southampton
Snook, Colin
b2055316-9f7a-4b31-8aa1-be0710046af2
Hoang, Thai
dcc0431d-2847-4e1d-9a85-54e4d6bab43f
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Snook, Colin
b2055316-9f7a-4b31-8aa1-be0710046af2
Hoang, Thai
dcc0431d-2847-4e1d-9a85-54e4d6bab43f
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0

Snook, Colin, Hoang, Thai and Butler, Michael (2016) iUML-B model of VLAN system University of Southampton doi:10.5258/SOTON/403533 [Dataset]

Record type: Dataset

Abstract

Dataset support the paper 'Analysing security protocols using refinement in iUML-B', presented at 9th NASA Formal Methods Symposium, 16-18 May 2017.Formal specification of a VLAN tagging system illustrating the well-known security flaw of these systems, double-tagging. We use iUML-B class diagrams which provide a diagrammatic representation of the Event-B formalism. We specify the security principle that packets should only belong to nodes of a VLAN which they are intended for and prove that the property is maintained. We then refine the model to introduce the usual packet tagging mechanism that is supposed to ensure the security principle. A double tagging attack cannot be proven to satisfy the glueing invariant. A second version of the model is provided that excludes the Native LAN from being used as a VLAN which is the usual recommendation to prevent double-tagging attacks. This version is fully proven to be secure.

Other UC7_VLAN_201612121018.tar.gz - Dataset
Download (224kB)

More information

Published date: 2016
Keywords: iUML-B, security, VLAN
Organisations: Electronic & Software Systems, Faculty of Physical Sciences and Engineering

Identifiers

Local EPrints ID: 403533
URI: http://eprints.soton.ac.uk/id/eprint/403533
PURE UUID: d7261ced-13bd-4565-87b6-c5a091e8e30f
ORCID for Colin Snook: ORCID iD orcid.org/0000-0002-0210-0983
ORCID for Thai Hoang: ORCID iD orcid.org/0000-0003-4095-0732
ORCID for Michael Butler: ORCID iD orcid.org/0000-0003-4642-5373

Catalogue record

Date deposited: 12 Dec 2016 10:13
Last modified: 19 Jul 2017 01:43

Export record

Altmetrics

Contributors

Creator: Colin Snook ORCID iD
Creator: Thai Hoang ORCID iD
Creator: Michael Butler ORCID iD

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×