Security testing method and device for protocol implementation

A technology for protocol implementation and security testing, applied in the field of information security, can solve problems such as time-consuming, difficult to optimize and improve, and high cost of black-box testing, and achieve high execution efficiency and low implementation cost

Inactive Publication Date: 2012-08-01
SIEMENS AG
View PDF6 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the implementation cost of black-box testing is very high, ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security testing method and device for protocol implementation
  • Security testing method and device for protocol implementation
  • Security testing method and device for protocol implementation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0030] The embodiment of the present invention proposes a method for security testing of Protocol Implementation. When testing a protocol implementation, the processing flow of this method is as follows figure 1 Shown include the following steps:

[0031] Step 101: Map the protocol specification on which the protocol implementation is based to a first protocol state model (also referred to as an initial protocol state model).

[0032] Step 102: Introduce an illegal state into the first protocol state model to form a second protocol state model.

[0033] Step 103: Using assertions to characterize the test purpose of the second protocol state model and / or the first protocol state model.

[0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a security testing method for protocol implementation, and comprises: mapping a protocol specification on which the protocol implementation is based to a first protocol state model; forming a second protocol state model by introducing an illegal state that corresponds to security failure into the first protocol state model; characterizing the testing purposes of the first protocol state model and the second protocol state model by utilizing an assertion; generating a mutated protocol state model by carrying out a mutative operation on the second protocol state model; performing a model test on the mutated protocol state model according to the assertion to generate a testing suite obtained from mapping a counter-example in the mutated protocol state model that violates the assertion; and carrying out a fuzzing test on the protocol implementation by a testing suite to test security holes in protocol implementation. The invented embodiment further provides a corresponding testing device. According to the invented embodiment, efficient and low-cost protocol security test is realized.

Description

technical field [0001] The invention relates to the technical field of information security (Information Security), in particular to a method and device for performing security testing on protocol implementation. Background technique [0002] Computer information security technology is a computer comprehensive application discipline composed of cryptography application technology, information security technology, data disaster and data recovery technology, operating system maintenance technology, etc. Among them, information security technology is mainly used to prevent system vulnerabilities, prevent external hackers from invading, defend against virus damage, and effectively control suspicious access. [0003] With the development of the Internet (Internet), it is urgent to strengthen its information security technology in various computer systems. Take the Information Communication Technology (ICT, Information Communication Technology) system as an example. As a service...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L29/06
Inventor 唐文隋爱芬
Owner SIEMENS AG
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap