Skip to main content
SpringerLink
Log in

Formal analysis and automated validation of privacy-preserving AICE protocol in mobile edge computing

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

Mobile Edge Computing (MEC) is proposed to meet the requirements of mobile users for low latency and response time, and its edge nodes will download data from the cloud server in advance, which arouses researchers to pay attention to the privacy-preserving authentication of mobile users and edge nodes, as well as the data integrity verification of edge nodes. Therefore, it is essential and crucial to integrate the authentication methods into data integrity verification protocol. In this paper, we propose a new integrated protocol AICE, i.e., a uthentication and i ntegrity c hecking on e dges, and then formally analyze and automatically validate the correctness and authentication security of the protocol. We first give the information flows of the AICE protocol by combining the privacy-preserving authentication (PPA) protocol and integrity checking protocol for MEC (ICE) together. According to the features of the AICE protocol, we then select the SVO logic to conduct the formal analysis of the protocol from the perspective of theoretical analysis of modal logic. Furthermore, we employ the AVISPA tool to validate the correctness of the protocol from the perspective of mechanical automatic analysis. The theoretical analysis and mechanical results demonstrate that the integrated protocol AICE satisfies the correctness and authentication.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Sabella D, Vaillant A, Kuure P, Rauschenbach U, Giust F (2016) Mobile-edge computing architecture: The role of MEC in the Internet of things. IEEE Consumer Electron Mag 5(4):84–91

    Article  Google Scholar 

  2. Tong L, Li Y, Gao WA (2016) Hierarchical edge cloud architecture for mobile computing. In: Proc. the 35th Annual IEEE International Conference on Computer Communications, April 10-14, pp 1–9

  3. López PG, Montresor A, Epema DHJ, Datta A, Higashino T, Iamnitchi A, Barcellos MP, Felber P, Rivière E (2015) Edge-centric computing: vision and challenges. Comput Commun Rev 45(5):37–42

    Article  Google Scholar 

  4. Ogiela U (2020) Cognitive cryptography for data security in cloud computing. Concurr. Comput. Pract. Exp., 32(18)

  5. Namasudra S (2019) An improved attribute-based encryption technique towards the data security in cloud computing. Concurr. Comput. Pract. Exp., 31(3)

  6. Gupta BB, Yamaguchi S, Agrawal DP (2018) Advances in security and privacy of multimedia big data in mobile and cloud computing. Multim. Tools Appl. 77(7):9203–9208

    Article  Google Scholar 

  7. Tong W, Jiang B, Xu F, Li Q, Zhong S (2019) Privacy-preserving data integrity verification in mobile edge computing. In: Proc. the 39th IEEE International Conference on Distributed Computing Systems, July 7-10, pp 1007–1018

  8. Kaur K, Garg S, Kaddoum G, Guizani M, Jayakody DNK (2019) A lightweight and Privacy-preserving authentication protocol for mobile edge computing. In: Proc. IEEE Global Communications Conference, December 9-13, pp 1–6

  9. Imamoto K, Sakurai K (2005) Design and analysis of diffie-hellman-based key exchange using one-time ID by SVO logic. Electron. Notes Theor Comput Sci 135(1):79–94

    Article  Google Scholar 

  10. Heintze N, Tygar JD (1996) A model for secure protocols and their compositions. IEEE Trans Software Eng 22(1):16–30

    Article  Google Scholar 

  11. Gong L, Needham RM, Yahalom R (1990) Reasoning about belief in cryptographic protocols. In: Proc. IEEE Symposium on Security and Privacy May 7-9, pp 234–248

  12. Burrows M, Abadi M, Needham RMA (1989) Logic of authentication. In: Andrews GR (ed) Proc. the 12th ACM Symposium on Operating System Principles, December 3-6, pp 1–13

  13. Abadi M, Tuttle MRA (1991) Semantics for a logic of authentication (extended abstract). In: Logrippo L (ed) Proc. the 10th Annual ACM Symposium on Principles of Distributed Computing, August 19-21, pp 201–216

  14. Oorschot PC (1993) Extending cryptographic logics of belief to key agreement protocols. In: Denning DE, Pyle R, Ganesan R, Sandhu RS, Ashby V (eds) Proc. the 1st ACM Conference on Computer and Communications Security, November 3-5, pp 232–243

  15. You I, Hori Y, Sakurai K, Enhancing SVO (2011) Logic for mobile IPv6 security protocols. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 2(3):26–52

    Google Scholar 

  16. Buttyan L (1999) Formal methods in the design of cryptographic protocols (state of the art) technical report

  17. Viganó L (2005) Automated security protocol analysis with the AVISPA tool. In: Proc. the 21st Annual Conference on Mathematical Foundations of Programming Semantics, May 18-21, pp 61–86

  18. Mir O, Weide TP, Lee C (2015) A secure user anonymity and authentication scheme using AVISPA for telecare medical information systems. J Medical Syst 39(9):89:1–89:16

    Article  Google Scholar 

  19. Ravari AN, Fallah MS (2015) A nonmonotonic modal authorization logic for pervasive computing. Scur Commun Networks 8(6):1077–1091

    Article  Google Scholar 

  20. Hella L, Järvisalo M, Kuusisto A, Laurinharju J, Lempiäinen T, Luosto K, Suomela J, Virtema J (2015) Weak models of distributed computing, with connections to modal logic. Distributed Comput 28(1):31–53

    Article  MathSciNet  Google Scholar 

  21. Fei Y, Zhu H, Vinh PC (2020) Security analysis of the access control solution of NDN using BAN logic. Mob Networks Appl 25(3):1162–1173

    Article  Google Scholar 

  22. Coffey T, Dojen R, Flanagan T (2003) On the automated implementation of modal logics used to verify security protocols. In: Proc. the 1st International Symposium on Information and Communication Technologies, September 24-26, vol 49, pp 329–334

  23. You I, Sakurai K, Hori Y (2009) A security analysis on kempf-koodli’s security scheme for fast mobile IPv6. IEICE Trans Commun 92-B(6):2287–2290

    Article  Google Scholar 

  24. Liu D, Shen J, Vijayakumar P, Wang A, Zhou T (2020) Efficient data integrity auditing with corrupted data recovery for edge computing in enterprise multimedia security. Multim Tools Appl 79 (15-16):10851–10870

    Article  Google Scholar 

  25. Echeverría S, Klinedinst D, Williams K, Lewis GA (2016) Establishing trusted identities in disconnected edge environments. In: Proc. IEEE/ACM Symposium on Edge Computing, October 27-28, pp 51–63

  26. Bhardwaj K, Shih M, Agarwal P, Gavrilovska A, Kim T, Schwan K (2016) Fast, Scalable and secure onloading of edge functions using airbox. In: Proc. IEEE/ACM Symposium on Edge Computing, October 27-28, pp 14–27

  27. Deswarte Y, Quisquater J, Saïdane A (2003) Remote integrity checking - how to trust files stored on untrusted servers. In: Proc. the 6th Working Conference on Integrity and Internal Control in Information Systems, November 13-14, pp 1–11

  28. K A, Moses MB (2020) An efficient SG-DACM framework for data integrity with user revocation in role based multiuser cloud environment. Comput. Commun. 155:84–92

    Article  Google Scholar 

  29. Garg N, Bawa S, Kumar N (2020) An efficient data integrity auditing protocol for cloud computing. Future Gener Comput. Syst. 109:306–316

    Article  Google Scholar 

  30. Almuhaideb AM, Srinivasan B, Le PD, Wilson C, Malhotra V (2012) Analysis of mobile authentication protocols by SVO logic. In: Proc. the 1st International Conference on Security of Internet of Things, August 17-19, pp 126–134

  31. Alegria JAH, Bastarrica MC, Bergel A (2010) Analyzing the scrum process model with AVISPA. In: Proc. the 29th International Conference of the Chilean Computer Science Society, November 15-19, pp 60–65

  32. Mohamadi HE, Kara N, Lagha M (2018) Formal verification of RGR-SEC, a secured RGR routing for UAANETs using AVISPA, Scyther and Tamarin. In: Proc. the 4th International Conference on Future Network Systems and Security, July 9-11, pp 3–16

  33. Aciobanitei I, Guinea R, Pura M (2018) AVISPA versus AVANTSSAR in the model checking of secure communication protocols. In: Proc. the 15th International Joint Conference on e-Business and Telecommunications, July 26-28, pp 686–691

  34. Zhang J, Zhong H, Cui J, Tian M, Xu Y, Liu L (2020) Edge computing-based privacy-preserving authentication framework and protocol for 5G-enabled vehicular networks. IEEE Trans Veh Edge computing-based privacy-preserving authentication Technol 69(7):7940–7954

    Google Scholar 

Download references

Acknowledgements

This work was partly supported by the National Key Research and Development Program of China (Grant No. 2018YFB2101300), the National Natural Science Foundation of China (Grant Nos. 61872145, 62032024), and the Excellent Doctoral Students’ Academic Innovation Ability Improvement Program of East China Normal University (Grant No. YBNLTS2021-034).

Author information

Authors and Affiliations

  1. Shanghai Key Laboratory of Trustworthy Computing, School of Computer Science and Software Engineering, East China Normal University, Shanghai, China

    Jiaqi Yin & Huibiao Zhu

  2. School of Information, Mechanical and Electrical Engineering, Shanghai Normal University, Shanghai, China

    Yuan Fei

Authors
  1. Jiaqi Yin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Huibiao Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yuan Fei
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Huibiao Zhu or Yuan Fei.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yin, J., Zhu, H. & Fei, Y. Formal analysis and automated validation of privacy-preserving AICE protocol in mobile edge computing. Mobile Netw Appl 26, 2258–2271 (2021). https://doi.org/10.1007/s11036-021-01850-1

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-021-01850-1

Keywords

Search

Navigation