Multimedia Tools and Applications

, Volume 76, Issue 21, pp 22845–22870 | Cite as

Formal modeling and verification of security controls for multimedia systems in the cloud

  • Masoom Alam
  • Saif-ur-Rehman Malik
  • Qaisar Javed
  • Abid Khan
  • Shamaila Bisma Khan
  • Adeel Anjum
  • Nadeem Javed
  • Adnan Akhunzada
  • Muhammad Khurram Khan


Organizations deploy the Security Information and Event Management (SIEM) systems for centralized management of security alerts for securing their multimedia content. The SIEM system not only preserves events data, generated by devices and applications, in the form of logs but also performs real-time analysis of the event data. The SIEM works as the Security Operation Centre (SOC) in an organization, therefore, errors in the SIEM may compromise the security of the organization. In addition to focusing on the architecture, features, and the performance of the SIEM, it is imperative to carry out a formal analysis to verify that the system is impeccable. The ensuing research focuses mainly on the formal verification of the OSTORM a SIEM system. We have used High-Level Petri Nets (HLPN) and Z language to model and analyze the system. Moreover, Satisfiability Modulo Theories Library (SMT-Lib) and Z3 solver are used in this research to prove the correctness of the overall working of the OSTORM system. We demonstrate the correctness of the underlying system based on four security properties, namely: a) event data confidentiality, b) authentication, c) event data integrity, and d) alarm integrity. The results reveal that the OSTORM system functions correctly.


Formal analysis Formal verification HLPN Modeling SIEM SMT Z3 



This work has been possible by the funding provided by ICT R&D under the CDACDEA project. The SIEM as a service has been launched through the collaboration of Trillium Information Security Systems and the Cyber Security Lab at COMSATS Institute of Information Technology, Islamabad, Pakistan.

The authors extend their sincere appreciations to the Deanship of Scientific Research at King Saud University for its funding this Prolific Research Group (PRG-1436-16)


  1. 1.
    Alam Q, Tabbasum S, Malik S, Alam M, Tanveer T, Akhunzada A, Khan S, Vasilakos A, Buyya R (2016) Formal verification of the xDAuth protocolGoogle Scholar
  2. 2.
    Alienvault OSSIM Accessed 13 Mar 2015
  3. 3.
    Allen R, Garlan D (1997) A formal basis for architectural connection. ACM Trans Softw Eng Methodol 6(3):213–249CrossRefGoogle Scholar
  4. 4.
    Alruwaili FF, Gulliver TA (2014) SOCaaS: security operations center as a Service for Cloud Computing Environments. International Journal of Cloud Computing and Services Science (IJ-CLOSER) 3(2):87–96Google Scholar
  5. 5.
    Baier C, Katoen J-P (2008) Principles of model checking, vol 26202649. MIT press, CambridgezbMATHGoogle Scholar
  6. 6.
    Barrett CW, Sebastiani R, Seshia SA, Tinelli C (2009) Satisfiability modulo theories. Handbook of satisfiability 185:825–885Google Scholar
  7. 7.
    Barrett C, Stump A, Tinelli C (2010) The SMT-LIB standard: version 2.0. Available at
  8. 8.
    Barrett C, Stump A, Tinelli C (2010) The satisfiability modulo theories library (smt-lib) 15:18–52.
  9. 9.
    Biere A, Cimatti A, Clarke EM, Strichman O, Zhu Y (2003) Bounded model checking. Adv Comput 58:117–148CrossRefGoogle Scholar
  10. 10.
    Bjorner N (2017) Z3. Accessed 10 Apr 2015
  11. 11.
    Blanchet B (2001) Abstracting cryptographic protocols by prolog rules. In: Static Analysis. Springer, pp 433–436Google Scholar
  12. 12.
    Bussa T, Kavanagh KM, Rochford O (2016) Gartner, magic quadrant for security information and event managementGoogle Scholar
  13. 13.
    Chaput SR, Ringwood K (2010) Cloud compliance: a framework for using cloud computing in a regulated world. In: Cloud Computing. Springer, pp 241–255Google Scholar
  14. 14.
    Cyber Security Lab ( Scholar
  15. 15.
    De Moura L, Bjørner N (2008) Z3: an efficient SMT solver. In: Tools and Algorithms for the Construction and Analysis of Systems. Springer, pp 337–340Google Scholar
  16. 16.
    Dimitrios K (2014) Security information and event management systems: benefits and inefficiencies. U. PiraeusGoogle Scholar
  17. 17.
    Dutertre B, De Moura L (2006) The yices SMT solver
  18. 18.
    Forouzan BA (2007) Cryptography & network security. McGraw-Hill, Inc.Google Scholar
  19. 19.
    Gai K, Qiu M, Tao L, Zhu Y (2015) Intrusion detection techniques for mobile cloud computing in heterogeneous 5G. Security Commun Netw:1–10Google Scholar
  20. 20.
    GmbH A (2015) RSYSLOG: the rocket-fast system for log processing
  21. 21.
    Gordon AD, Jeffrey A, Haack C (2002) Cryptyc: cryptographic protocol type checker. Software available at
  22. 22.
    Hanna Y, Rajan H, Zhang W (2008) Slede: a domain-specific verification framework for sensor network security protocol implementations. In: Proceedings of the first ACM conference on Wireless network security. ACM, pp 109–118Google Scholar
  23. 23.
    Hernan S, Lambert S, Ostwald T, Shostack A (2006) Threat modeling-uncover security design flaws using the stride approach. MSDN Magazine-Louisville:68–75Google Scholar
  24. 24.
    Ihsan A, Saghar K, Fatima T (2015) Analysis of LEACH protocol (s) using formal verification. In: Applied sciences and Technology (IBCAST), 2015 12th International Bhurban conference on. IEEE, pp 254-262Google Scholar
  25. 25.
    Jensen K (1983) High-level petri nets. SpringerGoogle Scholar
  26. 26.
    Jung M, Han K, Cho J (2015) Advanced verification on WBAN and cloud computing for u-health environment. Multimed Tools Appl 74(16):6151–6168CrossRefGoogle Scholar
  27. 27.
    Kim K, Fox GC (2011) Modeling, simulation, and practice of floor control for synchronous and ubiquitous collaboration. Multimed Tools Appl 53(1):213–236CrossRefGoogle Scholar
  28. 28.
    Kim JS, Garlan D (2006) Analyzing architectural styles with alloy. In: Proceedings of the ISSTA 2006 workshop on role of software architecture for testing and analysis. ACM, pp 70-80Google Scholar
  29. 29.
    Malik SUR, Khan SU, Srinivasan SK (2013) Modeling and analysis of state-of-the-art VM-based cloud management platforms. IEEE Trans Cloud Comput 1(1):1–1CrossRefGoogle Scholar
  30. 30.
    MASSIF MASSIF Accessed 12 Mar 2015
  31. 31.
    McIver A, Meinicke L, Morgan C (2009) Security, probability and nearly fair coins in the cryptographers’ café. In: FM 2009: Formal methods. Springer, pp 41–71Google Scholar
  32. 32.
    Meyer R (2007) Secure authentication on the internet Retrieved online Mar 27, 2012Google Scholar
  33. 33.
    Mohammad M, Alagar V (2011) A formal approach for the specification and verification of trustworthy component-based systems. J Syst Softw 84(1):77–104CrossRefGoogle Scholar
  34. 34.
    Needham RM, Schroeder MD (1978) Using encryption for authentication in large networks of computers. Commun ACM 21(12):993–999CrossRefzbMATHGoogle Scholar
  35. 35.
    Needham RM, Schroeder MD (1987) Authentication revisited. ACM SIGOPS Operating Systems Review 21(1):7–7CrossRefGoogle Scholar
  36. 36.
    Nets-Concepts H-lP (2000) Definitions and graphical notation. Final Draft International Standard ISO/IEC 15909Google Scholar
  37. 37.
    Potts G (2006) OSSIM user guide the book of OSSIM open source software image map – OSSIMGoogle Scholar
  38. 38.
    Saghar K, Henderson W, Kendall D (2009) Formal modelling and analysis of routing protocol security in wireless sensor networks. In: Proceedings of the 10th annual postgraduate symposium on the convergence of telecommunications, networking and broadcasting (PGNET 09). Pp 179-184Google Scholar
  39. 39.
    Saghar K, Henderson W, Kendall D, Bouridane A (2010) Applying formal modelling to detect DoS attacks in wireless medium. In: communication systems networks and digital signal processing (CSNDSP), 2010 7th International symposium on. IEEE, pp 896-900Google Scholar
  40. 40.
    Saghar K, Henderson W, Kendall D, Bouridane A (2010) Formal modelling of a robust wireless sensor network routing protocol. In: Adaptive Hardware and Systems (AHS), 2010 NASA/ESA conference on. IEEE, pp 281–288Google Scholar
  41. 41.
    Si M, Miyazaki K, Otsuka A, Basin D (2010) How to evaluate the security of real-life cryptographic protocols? In: Financial Cryptography and Data Security. Springer, pp 182–194Google Scholar
  42. 42.
    Storm Apache Storm Accessed 10 Mar 2015
  43. 43.
    Swift D (2006) A practical application of SIM/SEM/SIEM automating threat identification. Paper, SANS Infosec Reading Room, The SANSGoogle Scholar
  44. 44.
    Tariq M, Saghar K (2015) Evaluation of a sensor network node communication using formal verification. In: Applied sciences and Technology (IBCAST), 2015 12th International Bhurban conference on. IEEE, pp 268–271Google Scholar
  45. 45.
    Tobarra L, Cazorla D, Cuartero F (2007) Formal analysis of sensor network encryption protocol (snep). In: Mobile Adhoc and Sensor Systems, 2007. MASS 2007. IEEE International conference on. IEEE, pp 1–6Google Scholar
  46. 46.
    Tobarra L, Cazorla D, Cuartero F, Diaz G, Cambronero E (2007) Model checking wireless sensor network security protocols: Tinysec+ leap. In: Wireless Sensor and Actor Networks. Springer, pp 95–106Google Scholar
  47. 47.
    Triam Triam Accessed Mar 29 2015
  48. 48.
    Trillium (2006) Trillium Pakistan (Pvt) Ltd. 2015
  49. 49.
    Webster M, Dixon C, Fisher M, Salem M, Saunders J, Koay KL, Dautenhahn K, Saez-Pons J (2016) Toward reliable autonomous robotic assistants through formal verification: a case studyGoogle Scholar
  50. 50.
    Weldemariam K, Kemmerer RA, Villafiorita A (2011) Formal analysis of an electronic voting system: an experience report. J Syst Softw 84(10):1618–1637CrossRefGoogle Scholar
  51. 51.
    William S, Stallings W (2006) Cryptography and network security, 4/E. Pearson Education IndiaGoogle Scholar
  52. 52.
    Willrich R, De Saqui-Sannes P, Sénac P, Diaz M (2002) Multimedia authoring with hierarchical timed stream petri nets and java. Multimed Tools Appl 16(1–2):7–27CrossRefzbMATHGoogle Scholar
  53. 53.
    Zhang P, Muccini H, Li B (2010) A classification and comparison of model checking software architecture techniques. J Syst Softw 83(5):723–744CrossRefGoogle Scholar
  54. 54.
    Zhang J, Liu Y, Auguston M, Sun J, Dong JS (2012) Using monterey phoenix to formalize and verify system architectures. In: Software Engineering Conference (APSEC), 2012 19th Asia-Pacific. IEEE, pp 644–653Google Scholar
  55. 55.
    Zhao K, Shen W (2015)Parallel stimulus generation based on model checking for coherence protocol verificationGoogle Scholar
  56. 56.
  57. 57.

Copyright information

© Springer Science+Business Media, LLC 2017

Authors and Affiliations

  • Masoom Alam
    • 1
  • Saif-ur-Rehman Malik
    • 1
  • Qaisar Javed
    • 2
  • Abid Khan
    • 1
  • Shamaila Bisma Khan
    • 1
  • Adeel Anjum
    • 1
  • Nadeem Javed
    • 1
  • Adnan Akhunzada
    • 1
  • Muhammad Khurram Khan
    • 3
  1. 1.Cyber Security Lab, Department of Computer ScienceCOMSATS Institute of Information TechnologyIslamabadPakistan
  2. 2.Department of Computer Science & Software EngineeringInternational Islamic UniversityIslamabadPakistan
  3. 3.Center of Excellence in Information Assurance (CoEIA)King Saud UniversityRiyadhSaudi Arabia

Personalised recommendations